CVE-2012-5010

Name of the Vulnerable Software and Affected Versions: ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, 9.2.x through 9.2.3, 8.4.x through 8.4.6, 8.2.x through 8.2.4 ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 8.4.x through 8.4.6, 8.2.x through 8.2.4, 9.1.x through 9.1.5 ASA 5555-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7 ASA 5512-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7 ASA 5520 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 8.2.x through 8.2.4, 8.4.x through 8.4.6, 9.1.x through 9.1.5 ASA 5505 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.2.x through 9.2.3, 8.4.x through 8.4.6, 9.1.x through 9.1.5 ASA 5525-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7 ASA 5512-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, 9.2.x through 9.2.3, 9.1.x through 9.1.5 ASA 5545-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7 ASA 5585-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7 ASA 5540 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 8.2.x through 8.2.4, 8.4.x through 8.4.6, 9.1.x through 9.1.5 ASA 5515-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7 ASA 5555-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.2.x through 9.2.3, 9.4.x through 9.4.0, 9.1.x through 9.1.5 ASA 5580 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.1.x through 9.1.5 ASA 5585-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.2.x through 9.2.3, 9.4.x through 9.4.0 ASA 5525-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, 9.2.x through 9.2.3, 9.1.x through 9.1.5 ASA 5545-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, 9.2.x through 9.2.3, 9.1.x through 9.1.5

Description: The issue arises because the ASA does not check the source of the ARP request or GARP packets for addresses it performs NAT translation for under unspecified conditions.

Recommendations: For ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, update to version 9.4.1 Interim or later. For ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 8.4.x through 8.4.6, update to version 8.4.7 Interim or later. For ASA 5555-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7, update to version 1.2.4.8 or later. For ASA 5512-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7, update to version 1.2.4.8 or later. For ASA 5520 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 8.2.x through 8.2.4, update to version 8.2.5 Interim or later. For ASA 5505 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.2.x through 9.2.3, update to version 9.2.4 Interim or later. For ASA 5525-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7, update to version 1.2.4.8 or later. For ASA 5512-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, update to version 9.4.1 Interim or later. For ASA 5545-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7, update to version 1.2.4.8 or later. For ASA 5585-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7, update to version 1.2.4.8 or later. For ASA 5540 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 8.2.x through 8.2.4, update to version 8.2.5 Interim or later. For ASA 5515-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package versions 1.2.4.x through 1.2.4.7, update to version 1.2.4.8 or later. For ASA 5555-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.2.x through 9.2.3, update to version 9.2.4 Interim or later. For ASA 5580 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.1.x through 9.1.5, update to version 9.1.6 Interim or later. For ASA 5585-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.2.x through 9.2.3, update to version 9.2.4 Interim or later. For ASA 5525-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, update to version 9.4.1 Interim or later. For ASA 5545-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software versions 9.4.x through 9.4.0, update to version 9.4.1 Interim or later.