CVE-2016-1379Cisco Adaptive Security Appliance Software vulnerability

CWE-3994 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
1.0%
top 22.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Adaptive Security Appliance Software
Timeline
PublishedMay 28
Latest updateMay 17

Description

Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID CSCuv70576.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-3774-mw38-qfwj: Cisco Adaptive Security Appliance (ASA) Software 92022-05-17
CVEList
CVE-2016-1379: Cisco Adaptive Security Appliance (ASA) Software 92016-05-28

📋Vendor Advisories

1
Cisco
Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability2016-05-17
CVE-2016-1379 — Cisco vulnerability | cvebase