Informazioni sul CVE-2019-1708
Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability
CWE ID: CWE-404
Base Score (CVSS): N/A
CVE: CVE-2019-1708
Descrizione: A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.
Vettore di attacco
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: .
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|
Riferimenti esterni
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos
- http://www.securityfocus.com/bid/108166
Prodotti interessati
- Cisco – Cisco Adaptive Security Appliance (ASA) Software
- Cisco – Cisco Firepower Threat Defense (FTD) Software
Relazioni con altri prodotti
Produttore:Cisco
Prodotto: Cisco Adaptive Security Appliance (ASA) Software
Anno: 2019
CWE: CWE-404
CVSS: 0.0
Produttore:Cisco
Prodotto: Cisco Firepower Threat Defense (FTD) Software
Anno: 2019
CWE: CWE-404
CVSS: 0.0