Test Kennung:	1.3.6.1.4.1.25623.1.0.106055
Kategorie:	CISCO
Titel:	Cisco ASA Management Interface XML Parser DoS Vulnerability (cisco-sa-20151123-asa)
Zusammenfassung:	A vulnerability in the XML parser of the management interface; of Cisco ASA may lead to a denial of service.
Beschreibung:	Summary: A vulnerability in the XML parser of the management interface of Cisco ASA may lead to a denial of service. Vulnerability Insight: The vulnerability is due to insufficient hardening of the XML parser code. Cisco ASA may process a crafted XML file if the file is passed through the management interface or when performing activities with the auto update server AUS. In all cases a valid authentication on the device or a valid AUS server would need to be used in order to provide an XML file. Vulnerability Impact: An authenticated, remote attacker could cause system instability and possibly crash an affected system. Affected Software/OS: Cisco ASA version 7.2, 8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2 and 9.3. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6379 Cisco Security Advisory: 20151124 Cisco ASA Management Interface XML Parser Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-asa http://www.securitytracker.com/id/1034251
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.