CVE-2015-0675

The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.3 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
ciscoadaptive_security_appliance_software
9.1.1
ciscoadaptive_security_appliance_software
9.1.1.4
ciscoadaptive_security_appliance_software
9.1.2
ciscoadaptive_security_appliance_software
9.1.2.8
ciscoadaptive_security_appliance_software
9.1.3
ciscoadaptive_security_appliance_software
9.1.3.2
ciscoadaptive_security_appliance_software
9.1.4
ciscoadaptive_security_appliance_software
9.1.4.5
ciscoadaptive_security_appliance_software
9.1.5
ciscoadaptive_security_appliance_software
9.1.5.10
ciscoadaptive_security_appliance_software
9.1.5.12
ciscoadaptive_security_appliance_software
9.1.5.15
ciscoadaptive_security_appliance_software
9.1.5.21
ciscoadaptive_security_appliance_software
9.2.1
ciscoadaptive_security_appliance_software
9.2.2
ciscoadaptive_security_appliance_software
9.2.2.4
ciscoadaptive_security_appliance_software
9.2.2.7
ciscoadaptive_security_appliance_software
9.2.2.8
ciscoadaptive_security_appliance_software
9.2.3
ciscoadaptive_security_appliance_software
9.3.1
ciscoadaptive_security_appliance_software
9.3.1.1
ciscoadaptive_security_appliance_software
9.3.2
ciscoadaptive_security_appliance_software
9.3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
http://www.securitytracker.com/id/1032045
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa
http://www.securitytracker.com/id/1032045