Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Cisco ASA SQL*NET Inspection Engine DoS Vulnerability

Information

Severity

Severity

High

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

7.8

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

7 years ago

Modified

Modified

3 years ago

Summary

The SQL*NET Inspection Engine of Cisco ASA is prone to a Denial of Service vulnerability.

Insight

Insight

A vulnerability in SQL*Net inspection engine code could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper handling of crafted SQL REDIRECT packets by a system running an affected version of Cisco ASA Software with SQL*Net inspection enabled.

Affected Software

Affected Software

Version 7.2, 8.2, 8.3, 8.4, 8.5, 8.6, 8.7, 9.0 and 9.1

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Apply the appropriate updates from Cisco.

Common Vulnerabilities and Exposures (CVE)