Cisco Adaptive Security Appliance Remote Code Execution And Denial Of Service Vulnerability

A vulnerability in the command line interface cli parser of cisco adaptive security appliance asa software could allow an authenticated local attacker to create a denial of service dos condition or potentially execute arbitrary code.

Cisco adaptive security appliance remote code execution and denial of service vulnerability.

Known affected releases. Cisco has released software updates that address. It is also possible on certain software releases that the asa will not reload but an attacker could view sensitive system information without authentication by. This vulnerability occurs when the webvpn feature is enabled on an affected cisco asa device and an attempt to double free a region of memory occurs.

2018 may 17 17 52 gmt. No workarounds available. An attacker could exploit this vulnerability by invoking certain invalid commands in an affected device. 9 2 4 9 6 2 9 8 1 description partial.

A vulnerability in the web interface of the cisco adaptive security appliance asa could allow an unauthenticated remote attacker to cause an affected device to reload unexpectedly resulting in a denial of service dos condition. A vulnerability has been identified in the secure sockets layer ssl vpn functionality of the cisco adaptive security appliance asa software which could allow for remote code execution. Products 1 cisco asa 5500 x series firewalls.