Security News > 2018 > November > Cisco security appliances under attack, still no patch available

Cisco security appliances under attack, still no patch available
2018-11-02 10:27

A vulnerability (CVE-2018-15454) affecting a slew Cisco security appliances, modules and firewalls is being exploited in the wild to crash and reload the devices, the company has warned on Thursday. About CVE-2018-15454 The vulnerability is in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software, and allows unauthenticated, remote attackers to cause an affected device to reload or trigger high CPU, resulting in … More → The post Cisco security appliances under attack, still no patch available appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/0eKv9luz9KQ/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-11-01 CVE-2018-15454 Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
8.6

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751