CVE-2016-6366

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software versions through 9.4.2.3

Description The issue is caused by a buffer overflow in the Simple Network Management Protocol (SNMP) code, allowing remote authenticated users to execute arbitrary code via crafted IPv4 SNMP packets. This can also cause a reload of the affected system. The vulnerability affects various Cisco devices, including ASA 5500, ASA 5500-X, ASA Services Module, ASA 1000V, ASAv, Firepower 9300 ASA Security Module, PIX, and FWSM.

Recommendations For versions through 9.4.2.3, consider disabling SNMP or restricting access to the SNMP service until a patch is available. As a temporary workaround, restrict access to the vulnerable devices to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.