First published: Wed Oct 27 2021
A vulnerability in the SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9

This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.
Credit: This vulnerability was found by Sanmith Prakash of Cisco during internal security testing.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco ASA Software | =9.15 <9.15.1.17 | 9.15.1.17 |
Cisco ASA Software | >=9.13 <=9.14 <9.14.3.9 | 9.14.3.9 |
Cisco ASA Software | >=9.9 =9.10 <=9.12 <9.12.4.26 | 9.12.4.26 |
Cisco ASA Software | >=9.7 and earlier <=9.8 <9.8.4.40 | 9.8.4.40 |
Cisco FTD Software | >=6.5.0 =6.6.0 <=6.7.0 <6.7.0.3 (Jan 2022) | 6.7.0.3 (Jan 2022) |
Cisco FTD Software | >=6.3.0 <=6.4.0 <6.4.0.13 (Nov 2021) | 6.4.0.13 (Nov 2021) |
Cisco FTD Software | >=6.2.2 and earlier <=6.2.3 <6.2.3.17 | 6.2.3.17 |
The vulnerability ID is cisco-sa-asaftd-dos-4ygzLKU9.
The severity level of the cisco-sa-asaftd-dos-4ygzLKU9 vulnerability is high.
The affected software for the cisco-sa-asaftd-dos-4ygzLKU9 vulnerability is Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
An unauthenticated, remote attacker can exploit the cisco-sa-asaftd-dos-4ygzLKU9 vulnerability to cause a denial of service (DoS) condition on an affected device.
To fix the cisco-sa-asaftd-dos-4ygzLKU9 vulnerability, upgrade to the recommended software versions provided by Cisco.
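
One way to triage a device inventory against the affected-version table above (an added example, not code from Cisco or from this page). The function names and the sample inventory are hypothetical, and reading each table row as "lowest release in range <= running version < first fixed release" is this example's assumption.

```python
import re

# Ranges transcribed from the table on this page as (lowest release in range,
# first fixed release). Treating each as "low <= version < fixed" is this
# example's reading of the table, not Cisco's wording.
RANGES = {
    "asa": [((0,), (9, 8, 4, 40)), ((9, 9), (9, 12, 4, 26)),
            ((9, 13), (9, 14, 3, 9)), ((9, 15), (9, 15, 1, 17))],
    "ftd": [((0,), (6, 2, 3, 17)), ((6, 3), (6, 4, 0, 13)),
            ((6, 5), (6, 7, 0, 3))],
}

def parse_version(text):
    """Parse 9.12.4.26, 9.12(4)26 or 6.4.0.12-112 into a tuple of ints."""
    nums = re.findall(r"\d+", text.strip().split("-")[0])  # drop build suffix
    if not nums:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(n) for n in nums)

def check(product, version_text):
    """Return (affected, first_fixed_release or None) for one device."""
    version = parse_version(version_text)
    for low, fixed in RANGES[product.lower()]:
        if low <= version < fixed:
            return True, ".".join(map(str, fixed))
    # Outside every listed range: fixed, or a release the page does not list.
    return False, None

def triage(inventory):
    """Return [(host, running, upgrade_to)] for devices in an affected range."""
    findings = []
    for host, product, running in inventory:
        affected, fixed = check(product, running)
        if affected:
            findings.append((host, running, fixed))
    return findings

# Constructed inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = [
    ("edge-fw-01", "asa", "9.12(4)25"),
    ("edge-fw-02", "asa", "9.12(4)26"),
    ("vpn-fw-01", "asa", "9.9(2)"),
    ("dc-ftd-01", "ftd", "6.4.0.12-112"),
    ("dc-ftd-02", "ftd", "6.2.3.17"),
]

if __name__ == "__main__":
    for host, running, fixed in triage(SAMPLE_INVENTORY):
        print(f"{host}: {running} is affected, upgrade to {fixed} or later")
```

A `(False, None)` result means the release is outside the ranges listed on this page, which includes releases the table does not mention; confirm those against the Cisco advisory linked above.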