Medium severity4.3NVD Advisory· Published Jan 15, 2016· Updated May 6, 2026

CVE-2015-6423

Description

The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A DCERPC Inspection ACL bypass in Cisco ASA 9.4.1–9.5.1 allows authenticated remote users to send non-DCERPC traffic between hosts that should be restricted.

Vulnerability

The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software versions 9.4.1 through 9.5.1 contains an internal ACL that is incorrectly programmed to allow all traffic types instead of being restricted to DCERPC traffic on TCP port 135. This allows traffic that is not DCERPC to bypass the intended ACL [1].

Exploitation

An authenticated remote attacker can send arbitrary network traffic between hosts that are configured for DCERPC inspection. The attacker only needs network access to the ASA and to be authenticated; no special position or race condition is required. The flawed ACL permits non-DCERPC traffic that would normally be dropped [1].

Impact

Successful exploitation allows the attacker to reach hosts that should be restricted by the ASA's DCERPC-only ACL. This effectively bypasses an intended access control rule, leading to unauthorized network access and potential information disclosure or further exploitation of the internal hosts [1].

Mitigation

Cisco has released software updates to address this vulnerability. No workarounds are available. Users should upgrade to a fixed Cisco ASA Software version as indicated in the vendor advisory. Systems running affected versions (9.4.1–9.5.1) remain vulnerable until patched [1].

References

Cisco Security Advisory: Cisco Adaptive Security Appliance Non-DCERPC Traffic Bypass Vulnerability

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Cisco Systems, Inc./Cisco Adaptive Security Appliance7 versions
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*
Cisco Systems, Inc./Adaptive Security Appliance (ASA) Softwarellm-fuzzy
Range: >=9.4.1, <=9.5.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160111-asanvdVendor Advisory
www.securitytracker.com/id/1034644nvd

News mentions

No linked articles in our index yet.

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000