cisco-sa-asa-ftd-dos-Unk689XY: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability
First published: Wed Oct 27 2021(Updated: )
A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.
Credit: This vulnerability was found during the resolution a Cisco TAC support case
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco ASA Software | =9.16<9.16.2.3=9.15<9.15.1.17=9.14<9.14.3.9 | 9.16.2.3 9.15.1.17 9.14.3.9 |
| Cisco FTD Software | >=6.6.0<=6.7.0<6.7.0.3 (Jan 2022) | 6.7.0.3 (Jan 2022) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Cisco ASA and FTD vulnerability?
The vulnerability ID is cisco-sa-asa-ftd-dos-Unk689XY.
What is the severity level of cisco-sa-asa-ftd-dos-Unk689XY?
The severity level of cisco-sa-asa-ftd-dos-Unk689XY is high.
What is the affected software for this vulnerability?
The affected software are Cisco ASA Software versions 9.16, 9.15, and 9.14, and Cisco FTD Software versions 6.6.0 up to 6.7.0.
How can an unauthenticated remote attacker exploit this vulnerability?
An unauthenticated remote attacker can exploit this vulnerability to cause a denial of service (DoS) condition on an affected device.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability at the following link: [Cisco Security Advisory](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY).
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/cisco-advisory
- source/Cisco
- agent/software-canonical-lookup
- agent/title
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco asa software
- version/cisco asa software/9.16
- version/cisco asa software/9.15
- version/cisco asa software/9.14
- canonical/cisco ftd software
- version/cisco ftd software/6.6.0
- version/cisco ftd software/6.7.0