CVE-2018-15454

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the Session Initiation Protocol (SIP) inspection engine could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, update to a version that addresses this vulnerability. For Cisco Firepower Threat Defense (FTD) Software, update to a version that addresses this vulnerability. As a temporary workaround, consider restricting SIP traffic to minimize the risk of exploitation.