OpenCVE

The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:A/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Adaptive Security Appliance Software

Configuration 1 [-]

OR	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:::::::*

No data.

References

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
http://www.securitytracker.com/id/1032045

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2015-04-13T01:00:00

Updated: 2024-08-06T04:17:32.577Z

Reserved: 2015-01-07T00:00:00

Link: CVE-2015-0675

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-04-13T01:59:00.063

Modified: 2024-11-21T02:23:30.980

Link: CVE-2015-0675

Redhat

No data.

Metrics

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object