CVE-2021-1501

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the SIP inspection engine could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The issue is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco Firepower Threat Defense (FTD) Software, at the moment, there is no information about a newer version that contains a fix for this vulnerability.