CVE-2019-1706

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance versions (affected versions not specified) Cisco Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software versions (affected versions not specified)

Description The issue is related to a logic error in the software cryptography module's handling of IPsec sessions, which could allow an unauthenticated, remote attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition. An attacker could exploit this by creating and sending traffic in a high number of IPsec sessions through the targeted device.

Recommendations For Cisco Adaptive Security Appliance, consider restricting the number of IPsec sessions to minimize the risk of exploitation until a patch is available. For Cisco Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software, consider temporarily disabling the software cryptography module as a workaround until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.