First published: Wed Oct 02 2019(Updated: )
A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco ASA Software | =9.12<9.12.2.1=9.10<9.10.1.27>=9.7=9.8<=9.9<9.9.2.56>=9.5<=9.6<9.6.4.34>=Earlier than 9.4<=9.4<9.4.4.37 | 9.12.2.1 9.10.1.27 9.9.2.56 9.6.4.34 9.4.4.37 |
Cisco FTD Software | >=Earlier than 6.1.0=6.1.0=6.2.0=6.2.1=6.2.2<=6.2.3<6.2.3.15 | 6.2.3.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.