CVE-2016-1379

Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID CSCuv70576.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
ciscoadaptive_security_appliance_software
9.0.1
ciscoadaptive_security_appliance_software
9.0.2
ciscoadaptive_security_appliance_software
9.0.2.10
ciscoadaptive_security_appliance_software
9.0.3
ciscoadaptive_security_appliance_software
9.0.3.6
ciscoadaptive_security_appliance_software
9.0.3.8
ciscoadaptive_security_appliance_software
9.0.4
ciscoadaptive_security_appliance_software
9.0.4.1
ciscoadaptive_security_appliance_software
9.0.4.5
ciscoadaptive_security_appliance_software
9.0.4.7
ciscoadaptive_security_appliance_software
9.0.4.17
ciscoadaptive_security_appliance_software
9.0.4.20
ciscoadaptive_security_appliance_software
9.0.4.24
ciscoadaptive_security_appliance_software
9.0.4.26
ciscoadaptive_security_appliance_software
9.0.4.29
ciscoadaptive_security_appliance_software
9.0.4.33
ciscoadaptive_security_appliance_software
9.0.4.35
ciscoadaptive_security_appliance_software
9.0.4.37
ciscoadaptive_security_appliance_software
9.1.1
ciscoadaptive_security_appliance_software
9.1.1.4
ciscoadaptive_security_appliance_software
9.1.2
ciscoadaptive_security_appliance_software
9.1.2.8
ciscoadaptive_security_appliance_software
9.1.3
ciscoadaptive_security_appliance_software
9.1.3.2
ciscoadaptive_security_appliance_software
9.1.4
ciscoadaptive_security_appliance_software
9.1.4.5
ciscoadaptive_security_appliance_software
9.1.5
ciscoadaptive_security_appliance_software
9.1.5.10
ciscoadaptive_security_appliance_software
9.1.5.12
ciscoadaptive_security_appliance_software
9.1.5.15
ciscoadaptive_security_appliance_software
9.1.5.21
ciscoadaptive_security_appliance_software
9.1.6
ciscoadaptive_security_appliance_software
9.1.6.1
ciscoadaptive_security_appliance_software
9.1.6.4
ciscoadaptive_security_appliance_software
9.1.6.6
ciscoadaptive_security_appliance_software
9.1.6.8
ciscoadaptive_security_appliance_software
9.2\(0.0\)
ciscoadaptive_security_appliance_software
9.2\(0.104\)
ciscoadaptive_security_appliance_software
9.2\(3.1\)
ciscoadaptive_security_appliance_software
9.2.1
ciscoadaptive_security_appliance_software
9.2.2
ciscoadaptive_security_appliance_software
9.2.2.4
ciscoadaptive_security_appliance_software
9.2.2.7
ciscoadaptive_security_appliance_software
9.2.2.8
ciscoadaptive_security_appliance_software
9.2.3
ciscoadaptive_security_appliance_software
9.2.3.3
ciscoadaptive_security_appliance_software
9.2.3.4
ciscoadaptive_security_appliance_software
9.2.4
ciscoadaptive_security_appliance_software
9.3\(1.50\)
ciscoadaptive_security_appliance_software
9.3\(1.105\)
ciscoadaptive_security_appliance_software
9.3\(2.100\)
ciscoadaptive_security_appliance_software
9.3\(2.243\)
ciscoadaptive_security_appliance_software
9.3.1
ciscoadaptive_security_appliance_software
9.3.1.1
ciscoadaptive_security_appliance_software
9.3.2
ciscoadaptive_security_appliance_software
9.3.2.2
ciscoadaptive_security_appliance_software
9.3.3
ciscoadaptive_security_appliance_software
9.3.3.1
ciscoadaptive_security_appliance_software
9.3.3.2
ciscoadaptive_security_appliance_software
9.3.3.5
ciscoadaptive_security_appliance_software
9.3.3.6
ciscoadaptive_security_appliance_software
9.4.0.115
ciscoadaptive_security_appliance_software
9.4.1
ciscoadaptive_security_appliance_software
9.4.1.1
ciscoadaptive_security_appliance_software
9.4.1.2
ciscoadaptive_security_appliance_software
9.4.1.3
ciscoadaptive_security_appliance_software
9.4.1.5
ciscoadaptive_security_appliance_software
9.5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn