Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Cisco ASA SQL*NET Inspection Engine DoS Vulnerability
Information
Severity
Severity
High
Family
Family
CISCO
CVSSv2 Base
CVSSv2 Base
7.8
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Solution Type
Solution Type
Vendor Patch
Created
Created
9 years ago
Modified
Modified
5 years ago
Summary
The SQL*NET Inspection Engine of Cisco ASA is prone to a Denial of Service vulnerability.
Insight
Insight
A vulnerability in SQL*Net inspection engine code could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted SQL REDIRECT packets by a system running an affected version of Cisco ASA Software with SQL*Net inspection enabled.
Affected Software
Affected Software
Version 7.2, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
Apply the appropriate updates from Cisco.