Cisco ASA Non-DCERPC Traffic Bypass Vulnerability March16

Information

Severity

Severity

Low

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

3.5

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

6 years ago

Modified

Modified

3 years ago

Summary

This host is running Cisco ASA Software and is prone to traffic bypass vulnerability.

Insight

Insight

The flaw is due to an internal access control list (ACL), which is used to allow DCERPC traffic but is incorrectly programmed to allow all traffic types and not restricted to DCERPC TCP port 135.

Affected Software

Affected Software

Cisco ASA Software versions 9.4.1 up to 9.5.1.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Upgrade to software updates available from the advisory.

Common Vulnerabilities and Exposures (CVE)

Free Vulnerability Scanner

Mageni can help you to scan, assess and manage your vulnerabilities.

Processing. Please wait...

We care about the protection of your data. Read our Privacy Policy.