PT-2025-33327 · Cisco · Cisco IOS XE +3

Jason Crowder · Published 2025-08-14 · Updated 2025-09-02 ·

CVE-2025-20239

CVSS v3.1: 8.6
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:

Cisco IOS Software (affected versions not specified)

Cisco IOS XE Software (affected versions not specified)

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software (affected versions not specified)

Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified)

Description:

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This issue is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Memory Leak

Weakness Enumeration

Related Identifiers

BDU:2025-10354
CVE-2025-20239

Affected Products

Cisco ASA
Cisco FTD
Cisco IOS
Cisco IOS XE