CVE-2015-0760

Name of the Vulnerable Software and Affected Versions Cisco ASA Software versions 7.x through 8.2.x before 8.2.2.13

Description The issue is related to the IKEv1 implementation in Cisco ASA Software, which allows remote authenticated users to bypass XAUTH authentication via crafted IKEv1 packets. This can enable a remote attacker to bypass Extended Authentication and successfully log in via IPsec remote VPN. The vulnerability is associated with errors in security settings and insufficient access control to certain functions.

Recommendations For versions 7.x through 8.2.x before 8.2.2.13, update to version 8.2.2.13 or later to resolve the issue. As a temporary workaround, consider restricting access to IKEv1 packets to minimize the risk of exploitation. Restrict access to the IPsec remote VPN functionality until the issue is resolved.