CVE-2016-1445

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software versions 8.2 through 9.4.3.3

Description A bypass issue in the implementation of access control list (ACL) permit and deny filters for ICMP echo reply messages could allow an unauthenticated, remote attacker to bypass ACL configurations. This may result in ICMP traffic that should be denied being allowed through the affected device.

Recommendations For versions 8.2 through 9.4.3.3, consider restricting access to ICMP echo reply messages to minimize the risk of exploitation until a patch is available. As a temporary workaround, review and adjust ACL configurations to ensure they are properly set up to deny unwanted ICMP traffic.