ID de Prueba:	1.3.6.1.4.1.25623.1.0.106055
Categoría:	CISCO
Título:	Cisco ASA Management Interface XML Parser DoS Vulnerability (cisco-sa-20151123-asa)
Resumen:	A vulnerability in the XML parser of the management interface; of Cisco ASA may lead to a denial of service.
Descripción:	Summary: A vulnerability in the XML parser of the management interface of Cisco ASA may lead to a denial of service. Vulnerability Insight: The vulnerability is due to insufficient hardening of the XML parser code. Cisco ASA may process a crafted XML file if the file is passed through the management interface or when performing activities with the auto update server AUS. In all cases a valid authentication on the device or a valid AUS server would need to be used in order to provide an XML file. Vulnerability Impact: An authenticated, remote attacker could cause system instability and possibly crash an affected system. Affected Software/OS: Cisco ASA version 7.2, 8.0, 8.1, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2 and 9.3. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6379 Cisco Security Advisory: 20151124 Cisco ASA Management Interface XML Parser Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151123-asa http://www.securitytracker.com/id/1034251
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.