cve-2016-9225
Vulnerability from cvelistv5
Published
2017-02-01 19:00
Modified
2024-08-06 02:42
Severity ?
Summary
A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/95788Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1037696Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-casVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/95788Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037696Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-casVendor Advisory
Impacted products
Vendor Product Version
n/a all versions of the ASA CX Context-Aware Security module Version: all versions of the ASA CX Context-Aware Security module
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:42:11.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95788",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95788"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas"
          },
          {
            "name": "1037696",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037696"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "all versions of the ASA CX Context-Aware Security module",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "all versions of the ASA CX Context-Aware Security module"
            }
          ]
        }
      ],
      "datePublic": "2017-02-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-02-10T21:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "95788",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95788"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas"
        },
        {
          "name": "1037696",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037696"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-9225",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "all versions of the ASA CX Context-Aware Security module",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "all versions of the ASA CX Context-Aware Security module"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95788",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95788"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas"
            },
            {
              "name": "1037696",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037696"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-9225",
    "datePublished": "2017-02-01T19:00:00",
    "dateReserved": "2016-11-06T00:00:00",
    "dateUpdated": "2024-08-06T02:42:11.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBC9743A-641F-4F0A-97FC-5DF8B0333222\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1-40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7F990CF-B6DD-4EE3-B45D-CE4B1110A6DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A81A0E90-9200-436C-81BC-FA4BF745EEDB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2-68:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13B6FFEA-4F46-4D20-9821-FE32B57F6145\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8068EA1D-6AD6-4BF3-AA1F-C8AD0BC8F298\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A4AE8C1-9BD1-491A-9835-D95F4D90F496\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0710827-10AD-4DE9-BB0F-B4D072DDC8DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"96F09A7A-9A3D-4D73-912A-2B01CEABEFBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AA36AEA-6516-41DD-90D3-0504A4CB5231\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68C47683-C68B-4B84-80F6-FDFF9156991C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEFA5ADA-E573-447B-AFD9-E37682B57BD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.2-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5E0F299-9B0A-46A2-83A2-EEB3E6D2B828\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3\\\\(1.1.112\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1EA695E3-7E4E-4ECA-8BF6-4B2024DA15D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.1-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BBAD7032-2FD8-4FAE-8A77-0488EE8ECAF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.2-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5E3D601-FE3F-433A-84BD-6F070000BAE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.3.1-13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90ADCF2B-BD2C-48D3-9507-B0C82D6FDADA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63B17493-3AD5-4699-A2D3-9F3B4BB3631C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58C171D9-0EFF-43DC-AF02-D3B8A2DFACF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"055252B1-ABEA-4894-A84C-F9D75416346D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9576E0A1-2184-4136-B161-D168FB7790A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A11720CA-D957-4F51-9388-3BE795E5D1C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A8EB3C3-7B09-4413-857A-0092FE1EB182\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4.1.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AEE236E6-BA43-47CD-BCE0-7BEFE9662B20\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3_base:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4D9B6425-12DD-44F4-9708-7D7529CB1DE5\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el manejador de fragmentos de IP de plano de datos del m\\u00f3dulo CX Context-Aware Security de Cisco Adaptive Security Appliance (ASA) podr\\u00edan permitir a un atacante remoto no autenticado provocar que el m\\u00f3dulo CX no pudiera procesar m\\u00e1s tr\\u00e1fico, resultando en una denegaci\\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inadecuado de fragmentos IP. Un atacante podr\\u00eda explotar esta vulnerabilidad mediante el env\\u00edo de tr\\u00e1fico IP fragmentado manipulado a trav\\u00e9s del m\\u00f3dulo CX. Un exploit podr\\u00eda permitir al atacante agotar los b\\u00fafers de paquetes libres en la SHM, haciendo que el m\\u00f3dulo CX no pueda procesar m\\u00e1s tr\\u00e1fico, resultando en una condici\\u00f3n DoS. Esta vulnerabilidad afecta a todas las versiones del m\\u00f3dulo ASA CX Context-Aware Security. Cisco no ha lanzado y no lanzar\\u00e1 actualizaciones de software que aborden esta vulnerabilidad. No existen soluciones provisionales que aborden esta vulnerabilidad. ID de errores de Cisco: CSCva62946\"}]",
      "id": "CVE-2016-9225",
      "lastModified": "2024-11-21T03:00:49.890",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.0}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-02-01T19:59:00.157",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/95788\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037696\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/95788\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037696\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-9225\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2017-02-01T19:59:00.157\",\"lastModified\":\"2024-11-21T03:00:49.890\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition. This vulnerability affects all versions of the ASA CX Context-Aware Security module. Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability. Cisco Bug IDs: CSCva62946.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el manejador de fragmentos de IP de plano de datos del m\u00f3dulo CX Context-Aware Security de Cisco Adaptive Security Appliance (ASA) podr\u00edan permitir a un atacante remoto no autenticado provocar que el m\u00f3dulo CX no pudiera procesar m\u00e1s tr\u00e1fico, resultando en una denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a un manejo inadecuado de fragmentos IP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico IP fragmentado manipulado a trav\u00e9s del m\u00f3dulo CX. Un exploit podr\u00eda permitir al atacante agotar los b\u00fafers de paquetes libres en la SHM, haciendo que el m\u00f3dulo CX no pueda procesar m\u00e1s tr\u00e1fico, resultando en una condici\u00f3n DoS. Esta vulnerabilidad afecta a todas las versiones del m\u00f3dulo ASA CX Context-Aware Security. Cisco no ha lanzado y no lanzar\u00e1 actualizaciones de software que aborden esta vulnerabilidad. No existen soluciones provisionales que aborden esta vulnerabilidad. ID de errores de Cisco: CSCva62946\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBC9743A-641F-4F0A-97FC-5DF8B0333222\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1-40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7F990CF-B6DD-4EE3-B45D-CE4B1110A6DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A81A0E90-9200-436C-81BC-FA4BF745EEDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2-68:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13B6FFEA-4F46-4D20-9821-FE32B57F6145\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8068EA1D-6AD6-4BF3-AA1F-C8AD0BC8F298\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A4AE8C1-9BD1-491A-9835-D95F4D90F496\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0710827-10AD-4DE9-BB0F-B4D072DDC8DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96F09A7A-9A3D-4D73-912A-2B01CEABEFBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA36AEA-6516-41DD-90D3-0504A4CB5231\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C47683-C68B-4B84-80F6-FDFF9156991C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEFA5ADA-E573-447B-AFD9-E37682B57BD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.2-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5E0F299-9B0A-46A2-83A2-EEB3E6D2B828\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3\\\\(1.1.112\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA695E3-7E4E-4ECA-8BF6-4B2024DA15D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.1-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBAD7032-2FD8-4FAE-8A77-0488EE8ECAF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.2-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5E3D601-FE3F-433A-84BD-6F070000BAE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.3.1-13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90ADCF2B-BD2C-48D3-9507-B0C82D6FDADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63B17493-3AD5-4699-A2D3-9F3B4BB3631C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58C171D9-0EFF-43DC-AF02-D3B8A2DFACF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"055252B1-ABEA-4894-A84C-F9D75416346D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9576E0A1-2184-4136-B161-D168FB7790A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A11720CA-D957-4F51-9388-3BE795E5D1C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4-6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A8EB3C3-7B09-4413-857A-0092FE1EB182\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.4.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEE236E6-BA43-47CD-BCE0-7BEFE9662B20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D9B6425-12DD-44F4-9708-7D7529CB1DE5\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/95788\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037696\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.