CVE-2019-12677

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified)

Description A vulnerability in the Secure Sockets Layer (SSL) VPN feature could allow an authenticated, remote attacker to cause a denial of service (DoS) condition that prevents the creation of new SSL/Transport Layer Security (TLS) connections to an affected device. The vulnerability is due to incorrect handling of Base64-encoded strings. An attacker could exploit this vulnerability by opening many SSL VPN sessions to an affected device, requiring valid user credentials on the affected device. A successful exploit could allow the attacker to overwrite a special system memory location, resulting in memory allocation errors for new SSL/TLS sessions to the device, preventing successful establishment of these sessions. Established SSL/TLS connections to the device and SSL/TLS connections through the device are not affected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.