Cisco ASA 5555-X Firmware 009.016(001.025)

CPE Details

Cisco ASA 5555-X Firmware 009.016(001.025)
009.016\(001.025\)
2021-10-28
13h07 +00:00
2021-11-17
15h14 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\(001.025\):*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

asa_5555-x_firmware

Version

009.016\(001.025\)

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-34783 2021-10-27 18h55 +00:00 A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL/TLS decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Datagram TLS (DTLS) messages cannot be used to exploit this vulnerability.
8.6
Haute
CVE-2021-40125 2021-10-27 18h50 +00:00 A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.
6.5
Moyen