Vulnerability-Lookup - Search a vulnerability

cve-2016-1369

Vulnerability from cvelistv5

Published

2016-05-05 21:00

Modified

2024-08-05 22:55

Severity ?

Summary

The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and inspection outage or module outage) via a flood of crafted IP traffic, aka Bug ID CSCux19922.

References

▼	URL	Tags
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern	vendor-advisory, x_refsource_CISCO
	http://www.securitytracker.com/id/1035743	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20160504 Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern"
          },
          {
            "name": "1035743",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035743"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-05-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and inspection outage or module outage) via a flood of crafted IP traffic, aka Bug ID CSCux19922."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-29T16:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20160504 Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern"
        },
        {
          "name": "1035743",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035743"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1369",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and inspection outage or module outage) via a flood of crafted IP traffic, aka Bug ID CSCux19922."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160504 Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern"
            },
            {
              "name": "1035743",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035743"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1369",
    "datePublished": "2016-05-05T21:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-1345

Vulnerability from cvelistv5

Published

2016-04-01 00:00

Modified

2024-08-05 22:55

Severity ?

Summary

Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1035437	vdb-entry, x_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp	vendor-advisory, x_refsource_CISCO
	http://www.securitytracker.com/id/1035439	vdb-entry, x_refsource_SECTRACK
	http://www.securitytracker.com/id/1035438	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.598Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1035437",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035437"
          },
          {
            "name": "20160330 Cisco Firepower Malware Block Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
          },
          {
            "name": "1035439",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035439"
          },
          {
            "name": "1035438",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035438"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-03-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-30T18:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1035437",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035437"
        },
        {
          "name": "20160330 Cisco Firepower Malware Block Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
        },
        {
          "name": "1035439",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035439"
        },
        {
          "name": "1035438",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035438"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1345",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1035437",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035437"
            },
            {
              "name": "20160330 Cisco Firepower Malware Block Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
            },
            {
              "name": "1035439",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035439"
            },
            {
              "name": "1035438",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035438"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1345",
    "datePublished": "2016-04-01T00:00:00",
    "dateReserved": "2016-01-04T00:00:00",
    "dateUpdated": "2024-08-05T22:55:14.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-0678

Vulnerability from cvelistv5

Published

2015-04-11 01:00

Modified

2024-08-06 04:17

Severity ?

Summary

The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1032046	vdb-entry, x_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp	vendor-advisory, x_refsource_CISCO

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:17:32.669Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1032046",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032046"
          },
          {
            "name": "20150408 Cisco ASA FirePOWER Services and Cisco ASA CX Services Crafted Packets Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-04-16T17:57:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1032046",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032046"
        },
        {
          "name": "20150408 Cisco ASA FirePOWER Services and Cisco ASA CX Services Crafted Packets Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-0678",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1032046",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032046"
            },
            {
              "name": "20150408 Cisco ASA FirePOWER Services and Cisco ASA CX Services Crafted Packets Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-0678",
    "datePublished": "2015-04-11T01:00:00",
    "dateReserved": "2015-01-07T00:00:00",
    "dateUpdated": "2024-08-06T04:17:32.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2015-04-11 01:59

Modified

2024-11-21 02:23

Severity ?

Summary

The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954.

References

URL	Tags
ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp	Vendor Advisory
ykramarz@cisco.com	http://www.securitytracker.com/id/1032046
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032046

Impacted products

Vendor	Product	Version
cisco	asa_with_firepower_services	5.3.1
cisco	asa_with_firepower_services	5.3.1.1
cisco	asa_with_firepower_services	5.4.0
cisco	asa_cx_context-aware_security_software	9.0.1
cisco	asa_cx_context-aware_security_software	9.0.1-40
cisco	asa_cx_context-aware_security_software	9.0.2
cisco	asa_cx_context-aware_security_software	9.0.2-68
cisco	asa_cx_context-aware_security_software	9.0_base
cisco	asa_cx_context-aware_security_software	9.1.2-29
cisco	asa_cx_context-aware_security_software	9.1.2-42
cisco	asa_cx_context-aware_security_software	9.1.3-8
cisco	asa_cx_context-aware_security_software	9.1.3-10
cisco	asa_cx_context-aware_security_software	9.1.3-13
cisco	asa_cx_context-aware_security_software	9.2.1-1
cisco	asa_cx_context-aware_security_software	9.2.1-2
cisco	asa_cx_context-aware_security_software	9.2.1-3
cisco	asa_cx_context-aware_security_software	9.2.1-4
cisco	asa_cx_context-aware_security_software	9.3\(1.1.112\)
cisco	asa_cx_context-aware_security_software	9.3.1-1
cisco	asa_cx_context-aware_security_software	9.3.2-1
cisco	asa_cx_context-aware_security_software	9.3_base

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_with_firepower_services:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F831CAB0-9206-4BA4-B888-2B77E96BF5EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_with_firepower_services:5.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EE4A218-A8B8-4408-AA4C-A7A330DBF74F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_with_firepower_services:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E70D4739-02C7-4761-B2E3-4930BEA403B9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBC9743A-641F-4F0A-97FC-5DF8B0333222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1-40:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F990CF-B6DD-4EE3-B45D-CE4B1110A6DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A81A0E90-9200-436C-81BC-FA4BF745EEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2-68:*:*:*:*:*:*:*",
              "matchCriteriaId": "13B6FFEA-4F46-4D20-9821-FE32B57F6145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "8068EA1D-6AD6-4BF3-AA1F-C8AD0BC8F298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-29:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A4AE8C1-9BD1-491A-9835-D95F4D90F496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-42:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0710827-10AD-4DE9-BB0F-B4D072DDC8DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-8:*:*:*:*:*:*:*",
              "matchCriteriaId": "96F09A7A-9A3D-4D73-912A-2B01CEABEFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AA36AEA-6516-41DD-90D3-0504A4CB5231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-13:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C47683-C68B-4B84-80F6-FDFF9156991C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEFA5ADA-E573-447B-AFD9-E37682B57BD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1359CC7F-628F-44EB-B36D-FF1210E227B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-3:*:*:*:*:*:*:*",
              "matchCriteriaId": "16E7AFAD-3A1D-4244-AA61-85B430E8D51C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC110506-3E7F-4DD9-99D2-6E04F1E65D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3\\(1.1.112\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA695E3-7E4E-4ECA-8BF6-4B2024DA15D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.1-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBAD7032-2FD8-4FAE-8A77-0488EE8ECAF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.2-1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5E3D601-FE3F-433A-84BD-6F070000BAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D9B6425-12DD-44F4-9708-7D7529CB1DE5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954."
    },
    {
      "lang": "es",
      "value": "La capa de virtualizaci\u00f3n en Software Cisco ASA FirePOWER anterior a 5.3.1.2 y 5.4.x anterior a 5.4.0.1 y Software ASA Context-Aware (CX) anterior a 9.3.2.1-9 permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de dispositivo) mediante el env\u00edo r\u00e1pido de paquetes manipulados a la interfaz de gesti\u00f3n, tambi\u00e9n conocido como Bug IDs CSCus11007 y CSCun56954."
    }
  ],
  "id": "CVE-2015-0678",
  "lastModified": "2024-11-21T02:23:31.367",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-04-11T01:59:00.087",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securitytracker.com/id/1032046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032046"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-04-01 00:59

Modified

2024-11-21 02:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726.

References

URL	Tags
ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp	Vendor Advisory
ykramarz@cisco.com	http://www.securitytracker.com/id/1035437
ykramarz@cisco.com	http://www.securitytracker.com/id/1035438
ykramarz@cisco.com	http://www.securitytracker.com/id/1035439
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035437
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035438
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035439

Impacted products

Vendor	Product	Version
cisco	asa_with_firepower_services	5.4.0
cisco	asa_with_firepower_services	5.4.0.1
cisco	asa_with_firepower_services	5.4.0.2
cisco	asa_with_firepower_services	5.4.0.3
cisco	asa_with_firepower_services	5.4.0.4
cisco	asa_with_firepower_services	5.4.0.5
cisco	asa_with_firepower_services	5.4.0.6
cisco	asa_with_firepower_services	6.0.0
cisco	asa_with_firepower_services	6.0.0.1
cisco	firesight_system_software	5.4.0
cisco	firesight_system_software	5.4.0.1
cisco	firesight_system_software	5.4.0.2
cisco	firesight_system_software	5.4.0.3
cisco	firesight_system_software	5.4.0.4
cisco	firesight_system_software	5.4.0.5
cisco	firesight_system_software	5.4.0.6
cisco	firesight_system_software	5.4.1
cisco	firesight_system_software	5.4.1.2
cisco	firesight_system_software	5.4.1.3
cisco	firesight_system_software	5.4.1.4
cisco	firesight_system_software	6.0.0
cisco	firesight_system_software	6.0.0.1
cisco	firesight_system_software	6.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8C72F82-238A-496E-9B01-F545889DE972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB63124-15FC-434A-9BC3-B8072BB74DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FC9D5C8-A2F7-4A4D-9672-BA92D3F70299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3162DAB2-0866-4427-9B6D-58B025DFD0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C51E5901-A395-4208-B642-4DD23A6B63A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6488E2-4B6A-4C93-A9CF-AA32013A1605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "08314129-10D6-421C-AEE1-348460EBDD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2239F826-AAFA-4354-9BED-2C33AEF983D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0275E2F5-30EF-4D0D-A0CC-BFEB0B97E378",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EB13B96-D431-49BD-ADAB-9AE5DB559935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "79AECC9E-657F-4BFF-B640-B96CD1384647",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2424A93-0C9D-4839-9773-EBFD143F6240",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27E220F-160C-4706-9516-27889F7B37E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB0484C-F0B7-4349-856E-194E97A7F8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FD5721D-8F28-4A7C-B2BE-97CE796B208A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "85DEC2B7-2142-4959-817F-2F9B3AA82660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7DC251B-1CA8-4232-A900-885933E01FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0DF530-4865-45A1-87CA-6ED6026A56A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7335266F-B16F-4EFB-B1D2-1F61B3EBB437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:5.4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "13BF9C6F-B511-444B-B6B7-960DF8758964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D52DB0-4441-41C9-900E-DE917B0CBC91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D032900-6B00-4F4D-A2F7-6119F113675F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firesight_system_software:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC5565FE-174C-41C7-9462-9138BB31507D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726."
    },
    {
      "lang": "es",
      "value": "Cisco FireSIGHT System Software 5.4.0 hasta la versi\u00f3n 6.0.1 y ASA con FirePOWER Services 5.4.0 hasta la versi\u00f3n 6.0.0.1 permiten a atacantes remotos eludir la protecci\u00f3n de malware a trav\u00e9s de campos manipulados en cabeceras HTTP, tambi\u00e9n conocida como Bug ID CSCux22726."
    }
  ],
  "id": "CVE-2016-1345",
  "lastModified": "2024-11-21T02:46:13.527",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-04-01T00:59:00.113",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securitytracker.com/id/1035437"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securitytracker.com/id/1035438"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securitytracker.com/id/1035439"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035439"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-05-05 21:59

Modified

2024-11-21 02:46

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and inspection outage or module outage) via a flood of crafted IP traffic, aka Bug ID CSCux19922.

References

URL	Tags
ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern	Vendor Advisory
ykramarz@cisco.com	http://www.securitytracker.com/id/1035743
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1035743

Impacted products

Vendor	Product	Version
cisco	asa_with_firepower_services	5.3.1
cisco	asa_with_firepower_services	5.3.1.1
cisco	asa_with_firepower_services	5.4.0
cisco	asa_with_firepower_services	5.4.0.1
cisco	asa_with_firepower_services	5.4.0.2
cisco	asa_with_firepower_services	5.4.0.3
cisco	asa_with_firepower_services	5.4.0.4
cisco	asa_with_firepower_services	5.4.0.5
cisco	asa_with_firepower_services	5.4.0.6
cisco	asa_with_firepower_services	5.4.1
cisco	asa_with_firepower_services	5.4.1.1
cisco	asa_with_firepower_services	5.4.1.2
cisco	asa_with_firepower_services	5.4.1.3
cisco	asa_with_firepower_services	5.4.1.4
cisco	asa_with_firepower_services	5.4.1.5
cisco	asa_with_firepower_services	5.4.05
cisco	asa_with_firepower_services	6.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1F5880-B633-4B89-8D4D-6DB5C1E11516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "32328E7E-2D2A-4604-90E0-7B91C21F1662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8C72F82-238A-496E-9B01-F545889DE972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB63124-15FC-434A-9BC3-B8072BB74DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FC9D5C8-A2F7-4A4D-9672-BA92D3F70299",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3162DAB2-0866-4427-9B6D-58B025DFD0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C51E5901-A395-4208-B642-4DD23A6B63A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6488E2-4B6A-4C93-A9CF-AA32013A1605",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "08314129-10D6-421C-AEE1-348460EBDD0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "02D8F14A-53A6-44B2-B2A1-3353C3A451C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA6DA0A1-3C6D-47EA-8066-30BF7FB765BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED7ED81-9025-4F8D-A458-BC91A90FDCEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EC2A704-4148-4F73-A447-424CB9E1A2D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "08373044-E3BE-442C-9C2E-500775B77FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "69EB4A85-F881-4665-A725-3F77AF13CAB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:5.4.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C8CAC6-7F7E-47F1-8206-F146CF43D74F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa_with_firepower_services:6.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2239F826-AAFA-4354-9BED-2C33AEF983D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and inspection outage or module outage) via a flood of crafted IP traffic, aka Bug ID CSCux19922."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) para Cisco ASA con FirePOWER Services 5.3.1 hasta la versi\u00f3n 6.0.0 configura incorrectamente el registro del kernel, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de recursos e interrupci\u00f3n de inspecci\u00f3n o interrupci\u00f3n de m\u00f3dulo) a trav\u00e9s de una inundaci\u00f3n de tr\u00e1fico IP manipulado, tambi\u00e9n conocido como Bug ID CSCux19922."
    }
  ],
  "id": "CVE-2016-1369",
  "lastModified": "2024-11-21T02:46:16.290",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-05-05T21:59:01.830",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securitytracker.com/id/1035743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-fpkern"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1035743"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

All the vulnerabilites related to cisco - asa_with_firepower_services

cve-2016-1369

Vulnerability from cvelistv5

cve-2016-1345

Vulnerability from cvelistv5

cve-2015-0678

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd