Cisco ASA 5500-X Session Initiation Protocol Bug Lets Remote Users Deny Service
|
SecurityTracker Alert ID: 1042129 |
SecurityTracker URL: http://securitytracker.com/id/1042129
|
CVE Reference:
CVE-2018-15454
(Links to External Site)
|
Date: Nov 14 2018
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 5500-X
|
Description:
A vulnerability was reported in Cisco ASA. A remote user can cause denial of service conditions on the target system.
A remote user can send specially crafted Session Initiation Protocol (SIP) data to cause a target device to reload or to cause high CPU consumption on the target device.
The vendor has assigned bug ID CSCvm43975 to this vulnerability.
|
Impact:
A remote user can cause denial of service conditions.
|
Solution:
The vendor has issued a fix.
The vendor advisory is available at:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos
|
Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos (Links to External Site)
|
Cause:
State error
|
|
Message History:
None.
|
Source Message Contents
|
|
[Original Message Not Available for Viewing]
|
|