Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability
Description
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Cisco Systems, Inc./Adaptive Security Appliance Cx Context Aware Security Softwarellm-fuzzy2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: n/a
Patches
Vulnerability mechanics
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvgmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.