CVE-2016-1367 — Cisco Adaptive Security Appliance Software vulnerability

CWE-3995 documents5 sources

Severity

7.5HIGHNVD

EPSS

0.4%

top 39.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software

Timeline

PublishedApr 21

Latest updateMay 17

Description

The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDcisco/adaptive_security_appliance_software9.4.1

🔴Vulnerability Details

GHSA

GHSA-548p-w9c9-gw4q: The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9↗2022-05-17

▶

CVEList

CVE-2016-1367: The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9↗2016-04-21

▶

📋Vendor Advisories

Cisco

Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability↗2016-04-20

▶

💬Community

Bugzilla

CVE-2016-4457 CFME: default certificate used across all installs↗2016-05-31

▶