A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote malicious user to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the malicious user to trigger a reload of the device.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco firepower threat defense |
||
cisco adaptive security appliance software |
||
cisco asa_5512-x_firmware 009.016\\(001.025\\) |
||
cisco asa_5505_firmware 009.016\\(001.025\\) |
||
cisco asa_5515-x_firmware 009.016\\(001.025\\) |
||
cisco asa_5525-x_firmware 009.016\\(001.025\\) |
||
cisco asa_5545-x_firmware 009.016\\(001.025\\) |
||
cisco asa_5555-x_firmware 009.016\\(001.025\\) |
||
cisco asa_5580_firmware 009.016\\(001.025\\) |
||
cisco asa_5585-x_firmware 009.016\\(001.025\\) |
Vulmon