cisco-sa-20191002-asa-ftd-sip-dos: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability
First published: Wed Oct 02 2019(Updated: )
A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco ASA | =9.12<9.12.2.1=9.10<9.10.1.27>=9.7=9.8<=9.9<9.9.2.56>=9.5<=9.6<9.6.4.34>=Earlier than 9.4<=9.4<9.4.4.37 | 9.12.2.1 9.10.1.27 9.9.2.56 9.6.4.34 9.4.4.37 |
| Cisco Firepower Threat Defense | >=Earlier than 6.1.0=6.1.0=6.2.0=6.2.1=6.2.2<=6.2.3<6.2.3.15 | 6.2.3.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-20191002-asa-ftd-sip-dos?
The cisco-sa-20191002-asa-ftd-sip-dos vulnerability is considered to be of high severity due to its potential to cause a denial of service.
How do I fix cisco-sa-20191002-asa-ftd-sip-dos?
To remediate the cisco-sa-20191002-asa-ftd-sip-dos vulnerability, update your Cisco ASA or FTD software to the recommended versions provided by Cisco.
What products are affected by cisco-sa-20191002-asa-ftd-sip-dos?
The cisco-sa-20191002-asa-ftd-sip-dos vulnerability affects Cisco ASA Software and Cisco FTD Software versions as detailed in the advisory.
Can an attacker exploit cisco-sa-20191002-asa-ftd-sip-dos remotely?
Yes, an unauthenticated remote attacker can exploit the cisco-sa-20191002-asa-ftd-sip-dos vulnerability to cause a denial of service condition.
What is the impact of cisco-sa-20191002-asa-ftd-sip-dos?
The impact of the cisco-sa-20191002-asa-ftd-sip-dos vulnerability is that it can lead to a denial of service, potentially disrupting network availability.
- agent/last-modified-date
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/title
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco asa
- version/cisco asa/9.12
- version/cisco asa/9.10
- version/cisco asa/9.7
- version/cisco asa/9.8
- version/cisco asa/9.9
- version/cisco asa/9.5
- version/cisco asa/9.6
- version/cisco asa/earlier than 9.4
- version/cisco asa/9.4
- canonical/cisco firepower threat defense
- version/cisco firepower threat defense/earlier than 6.1.0
- version/cisco firepower threat defense/6.1.0
- version/cisco firepower threat defense/6.2.0
- version/cisco firepower threat defense/6.2.1
- version/cisco firepower threat defense/6.2.2
- version/cisco firepower threat defense/6.2.3