Vulnerabilities > CVE-2016-1369 - Resource Management Errors vulnerability in Cisco ASA With Firepower Services

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

NVD

Published: 2016-05-05

Updated: 2016-12-01

Summary

The Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module for Cisco ASA with FirePOWER Services 5.3.1 through 6.0.0 misconfigures kernel logging, which allows remote attackers to cause a denial of service (resource consumption, and inspection outage or module outage) via a flood of crafted IP traffic, aka Bug ID CSCux19922.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco ASA With Firepower Services 5.3.1 Cisco ASA With Firepower Services 5.3.1.1 Cisco ASA With Firepower Services 5.4.0 Cisco ASA With Firepower Services 5.4.0.1 Cisco ASA With Firepower Services 5.4.0.2 Cisco ASA With Firepower Services 5.4.0.3 Cisco ASA With Firepower Services 5.4.0.4 Cisco ASA With Firepower Services 5.4.0.5 Cisco ASA With Firepower Services 5.4.0.6 Cisco ASA With Firepower Services 5.4.1 Cisco ASA With Firepower Services 5.4.1.1 Cisco ASA With Firepower Services 5.4.1.2 Cisco ASA With Firepower Services 5.4.1.3 Cisco ASA With Firepower Services 5.4.1.4 Cisco ASA With Firepower Services 5.4.1.5 Cisco ASA With Firepower Services 5.4.05 Cisco ASA With Firepower Services 6.0.0	17

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References