
Multiple Vulnerabilities in Cisco ASA Software

MS-ISAC ADVISORY NUMBER:

2015-038

DATE(S) ISSUED:

04/08/2015

OVERVIEW:

Multiple vulnerabilities have been discovered in Cisco Adaptive Security Appliance (ASA) Software. The Cisco ASA family provides network security services such as firewall, intrusion prevention system (IPS), endpoint security (anti-x), and VPN.

The exploitation of these vulnerabilities could allow for complete system compromise on the device or may cause denial of service conditions.

THREAT INTELLIGENCE:

There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEMS AFFECTED:

  • Versions prior to Cisco Adaptive Security Appliance 9.2(3.3)
  • Versions prior to Cisco Adaptive Security Appliance (ASA) Software 9.1(6)
  • Versions prior to Cisco Adaptive Security Appliance (ASA) Software 9.3(3)
  • Versions prior to Cisco ASA FirePOWER Software 5.3.1.2
  • Versions prior to Cisco ASA CX Software 9.3.2.1-9

RISK:

Government:
  • Large and medium government entities: HIGH
  • Small government entities: HIGH
Businesses:
  • Large and medium business entities: HIGH
  • Small business entities: HIGH
Home Users: LOW

TECHNICAL SUMMARY:

Cisco ASA Software is prone to multiple vulnerabilities that could allow for complete system compromise or denial of service.

Cisco ASA Software is prone to the following vulnerabilities:

  • Improper handling of secured failover communication messages when the failover IPsec feature is configured may allow an unauthenticated, remote attacker to completely compromise the system. (CVE-2015-0675)
  • Improper processing of DNS packets may allow an unauthenticated, remote attacker to cause a denial-of-service condition. (CVE-2015-0676)
  • Insufficient hardening of the XML parser configuration may allow an unauthenticated, remote attacker to cause a denial-of-service condition. (CVE-2015-0677)

Cisco ASA FirePOWER Services and Cisco ASA CX Services are prone to the following vulnerability:

  • Improper handling of crafted packets sent at a high rate to the management interface may allow an unauthenticated, remote attacker to cause a denial-of-service condition. (CVE-2015-0678)

RECOMMENDATIONS:

We recommend the following actions be taken:

Apply the software updates provided by Cisco, and any workarounds that mitigate these vulnerabilities, immediately after appropriate testing.
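One way to triage running ASA devices against the fixed releases listed under SYSTEMS AFFECTED, as an added example that is not part of this advisory: it parses Cisco ASA version strings in both the advisory's 9.2(3.3) form and the 9.2(3)3 form printed by `show version`, and reports whether a version falls below the fix for its release train. The fixed-release table is taken from this advisory; the `show version` sample line is constructed.

```python
import re

# Fixed ASA Software releases named in this advisory, keyed by release train
# (major, minor). Any version below the listed release in the same train is
# affected; trains not listed here are not assessed by this advisory.
FIXED_ASA_RELEASES = {
    (9, 1): "9.1(6)",
    (9, 2): "9.2(3.3)",
    (9, 3): "9.3(3)",
}

# Accepts "9.2(3.3)" (advisory style) and "9.2(3)3" (show version style).
VERSION_PART_RE = re.compile(r"(\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)(\d+)?")
# First line of "show version" on an ASA (constructed sample below).
SHOW_VERSION_RE = re.compile(r"Software Version (\d+\.\d+\(\d+(?:\.\d+)?\)\d*)")


def parse_asa_version(ver: str) -> tuple:
    """Turn an ASA version string into a comparable 4-tuple.
    '9.2(3.3)' and '9.2(3)3' -> (9, 2, 3, 3); '9.1(6)' -> (9, 1, 6, 0)."""
    m = VERSION_PART_RE.fullmatch(ver.strip())
    if not m:
        raise ValueError(f"unrecognised ASA version string: {ver!r}")
    major, minor, maint, interim_dotted, interim_bare = m.groups()
    interim = interim_dotted or interim_bare or "0"
    return (int(major), int(minor), int(maint), int(interim))


def assess(ver: str) -> str:
    """Return 'affected', 'fixed' or 'not covered' for one running version."""
    parsed = parse_asa_version(ver)
    fixed = FIXED_ASA_RELEASES.get(parsed[:2])
    if fixed is None:
        return "not covered"  # release train not listed in this advisory
    return "affected" if parsed < parse_asa_version(fixed) else "fixed"


def assess_show_version(output: str) -> str:
    """Extract the version from 'show version' text and assess it."""
    m = SHOW_VERSION_RE.search(output)
    if not m:
        raise ValueError("no ASA software version line found")
    return assess(m.group(1))


# Constructed sample of the first line of 'show version' on an ASA.
SAMPLE_SHOW_VERSION = "Cisco Adaptive Security Appliance Software Version 9.1(5)\n"

if __name__ == "__main__":
    print(assess_show_version(SAMPLE_SHOW_VERSION))  # affected
```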

REFERENCES:
