漏洞标题
思科自适应安全设备IPsec虚拟私有网络拒绝服务漏洞
漏洞描述信息
思科自适应安全设备IPsec VPN拒绝服务漏洞
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability
漏洞描述信息
A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition.
CVSS信息
N/A
漏洞类别
密钥管理错误
漏洞标题
Cisco Adaptive Security Appliance Software和Cisco Firepower Threat Defense Software 加密问题漏洞
漏洞描述信息
Cisco Adaptive Security Appliances(ASA,自适应安全设备)Software和Cisco Firepower Threat Defense(FTD)Software都是由美国思科(Cisco)公司开发的程序。前者是一套运行于防火墙中的操作系统。后者是一套提供下一代防火墙服务的统一软件。 Cisco ASA Software和Cisco FTD Software中的Traffic Flow Confidentiality (TFC) over IPsec功能的实现存在安全漏
CVSS信息
N/A
漏洞类别
加密问题