Vulnerabilities > CVE-2016-1367 - Resource Management Errors vulnerability in Cisco Adaptive Security Appliance Software 9.4.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 allows remote attackers to cause a denial of service (device reload) via crafted DHCPv6 packets, aka Bug ID CSCus23248.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20160420-ASA-DHCPV6.NASL |
| description | The remote Cisco Adaptive Security Appliance (ASA) device is affected by a denial of service vulnerability in the DHCPv6 relay feature due to improper validation of DHCPv6 packets. An unauthenticated, remote attacker can exploit this, via specially crafted DHCPv6 packets, to cause the device to reload. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 90714 |
| published | 2016-04-26 |
| reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/90714 |
| title | Cisco Adaptive Security Appliance Software DHCPv6 Packet Handling DoS (cisco-sa-20160420-asa-dhcpv6) |