PT-2015-1639 · Cavium+1 · Cavium Cryptographic-Module Firmware+1

Published 2015-07-14 · Updated 2023-08-11 · CVE-2015-4458

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Adaptive Security Appliance (ASA) Software version 9.1(5.21)

Description

The issue is related to the TLS implementation in the Cavium cryptographic-module firmware, which does not verify the MAC field. A remote man-in-the-middle attacker can exploit this to spoof TLS content by modifying packets, potentially changing the contents of an encrypted TLS packet without detection.

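The check whose absence is described above, as an added example that is not Cavium or Cisco code. It assumes the TLS 1.2 record MAC construction from RFC 5246 (HMAC-SHA256 over sequence number, record header and fragment), leaves record encryption out, and uses constructed keys and messages with hypothetical function names; `verify_mac=False` models the flawed behaviour.

```python
import hashlib
import hmac
import struct

MAC_LEN = hashlib.sha256().digest_size  # 32 bytes for HMAC-SHA256

class BadRecordMac(Exception):
    """Receiver-side failure; a TLS stack would answer with a bad_record_mac alert."""

def record_mac(mac_key, seq_num, content_type, version, fragment):
    # RFC 5246 section 6.2.3.1: MAC covers seq_num || type || version || length || fragment
    header = struct.pack("!QBHH", seq_num, content_type, version, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()

def seal_record(mac_key, seq_num, content_type, version, fragment):
    # Sender side: append the MAC to the fragment (encryption omitted in this example)
    return fragment + record_mac(mac_key, seq_num, content_type, version, fragment)

def open_record(mac_key, seq_num, content_type, version, protected, verify_mac=True):
    if len(protected) < MAC_LEN:
        raise BadRecordMac("record shorter than the MAC")
    fragment, received = protected[:-MAC_LEN], protected[-MAC_LEN:]
    if verify_mac:  # False models the flaw: the MAC field is carried but never checked
        expected = record_mac(mac_key, seq_num, content_type, version, fragment)
        if not hmac.compare_digest(expected, received):  # constant-time comparison
            raise BadRecordMac("MAC mismatch")
    return fragment

# Constructed sample values (hypothetical, not taken from any capture)
KEY = bytes(range(32))
APPLICATION_DATA, TLS_1_2 = 23, 0x0303
RECORD = seal_record(KEY, 0, APPLICATION_DATA, TLS_1_2, b"amount=100;to=alice")
TAMPERED = RECORD.replace(b"alice", b"mallo", 1)  # fragment changed in transit, MAC untouched

def is_accepted(protected, seq_num=0, verify_mac=True):
    try:
        open_record(KEY, seq_num, APPLICATION_DATA, TLS_1_2, protected, verify_mac)
        return True
    except BadRecordMac:
        return False

if __name__ == "__main__":
    print("intact, verified:    ", is_accepted(RECORD))
    print("tampered, verified:  ", is_accepted(TAMPERED))
    print("tampered, unverified:", is_accepted(TAMPERED, verify_mac=False))
    print("intact, wrong seq:   ", is_accepted(RECORD, seq_num=1))
```

Because the sequence number is part of the MAC input, the verifying receiver also rejects an intact record presented at the wrong position in the stream.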
Recommendations

For Cisco Adaptive Security Appliance (ASA) Software version 9.1(5.21), consider updating to a newer version that addresses this issue. As a temporary workaround, restrict access to sensitive data transmitted over TLS to minimize the risk of exploitation. Avoid using the TLS protocol for critical communications until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2015-10985
CVE-2015-4458

Affected Products

Cavium Cryptographic-Module Firmware
Cisco ASA