What is the severity of cisco-sa-20190501-asa-vpn-dos?

The severity of cisco-sa-20190501-asa-vpn-dos is high due to its potential to cause a denial of service condition.

How do I fix cisco-sa-20190501-asa-vpn-dos?

To fix cisco-sa-20190501-asa-vpn-dos, upgrade to the appropriate versions of Cisco ASA Software listed in the advisory.

Who is affected by cisco-sa-20190501-asa-vpn-dos?

The cisco-sa-20190501-asa-vpn-dos vulnerability affects users of certain versions of Cisco Adaptive Security Appliance Software.

What can happen if cisco-sa-20190501-asa-vpn-dos is exploited?

If cisco-sa-20190501-asa-vpn-dos is exploited, an unauthenticated attacker can cause a denial of service on the remote access VPN services.

Is cisco-sa-20190501-asa-vpn-dos a local or remote vulnerability?

cisco-sa-20190501-asa-vpn-dos is a remote vulnerability that can be exploited without authentication.

Vulnerability/
cisco-sa-20190501-asa-vpn-dos

medium

5.3

CWE

404

1/5/2019

cisco-sa-20190501-asa-vpn-dos: Cisco Adaptive Security Appliance Software VPN Denial of Service Vulnerability

First published: Wed May 01 2019(Updated: )

A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulnerability by requesting an excessive number of remote access VPN sessions. An exploit could allow the attacker to cause a DoS condition. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-vpn-dos

Credit: This vulnerability was found during the resolution a Cisco TAC support case

Affected Software	Affected Version	How to fix
Cisco ASA Software	=9.10<9.10.1.17>=9.7=9.8<=9.9<9.9.2.50=9.6<9.6.4.25=9.5<9.6.4.25=9.4<9.4.4.34	9.10.1.17 9.9.2.50 9.6.4.25 9.6.4.25 9.4.4.34

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-vpn-dos (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2019-1705

Frequently Asked Questions

What is the severity of cisco-sa-20190501-asa-vpn-dos?
The severity of cisco-sa-20190501-asa-vpn-dos is high due to its potential to cause a denial of service condition.
How do I fix cisco-sa-20190501-asa-vpn-dos?
To fix cisco-sa-20190501-asa-vpn-dos, upgrade to the appropriate versions of Cisco ASA Software listed in the advisory.
Who is affected by cisco-sa-20190501-asa-vpn-dos?
The cisco-sa-20190501-asa-vpn-dos vulnerability affects users of certain versions of Cisco Adaptive Security Appliance Software.
What can happen if cisco-sa-20190501-asa-vpn-dos is exploited?
If cisco-sa-20190501-asa-vpn-dos is exploited, an unauthenticated attacker can cause a denial of service on the remote access VPN services.
Is cisco-sa-20190501-asa-vpn-dos a local or remote vulnerability?
cisco-sa-20190501-asa-vpn-dos is a remote vulnerability that can be exploited without authentication.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
collector/cisco-advisory
source/Cisco
agent/software-canonical-lookup
agent/references
agent/weakness
agent/remedy
agent/severity
agent/title
agent/author
agent/event
agent/description
agent/tags
agent/source
vendor/cisco
canonical/cisco asa software
version/cisco asa software/9.10
version/cisco asa software/9.7
version/cisco asa software/9.8
version/cisco asa software/9.9
version/cisco asa software/9.6
version/cisco asa software/9.5
version/cisco asa software/9.4