CVE-2019-15256

A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. The attacker does not need valid credentials to authenticate the VPN session, nor does the attacker's source address need to match a peer statement in the crypto map applied to the ingress interface of the affected device. An exploit could allow the attacker to exhaust system memory resources, leading to a reload of an affected device.

Published: 2019-10-02 19:15
Updated: 2019-10-10 18:13

CVSS Score: 7.8 / 10
Vendor Product Version URI
Cisco Adaptive Security Appliance Software 9.7 cpe:/a:cisco:adaptive_security_appliance_software:9.7
Cisco Adaptive Security Appliance Software 9.7(1) cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%29
Cisco Adaptive Security Appliance Software 9.7(1)1 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%291
Cisco Adaptive Security Appliance Software 9.7(1)2 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%292
Cisco Adaptive Security Appliance Software 9.7(1)4 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%294
Cisco Adaptive Security Appliance Software 9.7(1)8 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%298
Cisco Adaptive Security Appliance Software 9.7(1)15 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%2915
Cisco Adaptive Security Appliance Software 9.7(1)16 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%2916
Cisco Adaptive Security Appliance Software 9.7(1)21 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%2921
Cisco Adaptive Security Appliance Software 9.7(1)24 cpe:/a:cisco:adaptive_security_appliance_software:9.7%281%2924
Cisco Adaptive Security Appliance Software 9.7(1.4) cpe:/a:cisco:adaptive_security_appliance_software:9.7%281.4%29
Cisco Adaptive Security Appliance Software 9.8 cpe:/a:cisco:adaptive_security_appliance_software:9.8
Cisco Adaptive Security Appliance Software 9.8(0.56) cpe:/a:cisco:adaptive_security_appliance_software:9.8%280.56%29
Cisco Adaptive Security Appliance Software 9.8(1) cpe:/a:cisco:adaptive_security_appliance_software:9.8%281%29
Cisco Adaptive Security Appliance Software 9.8(1.200) cpe:/a:cisco:adaptive_security_appliance_software:9.8%281.200%29
Cisco Adaptive Security Appliance Software 9.8(2) cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%29
Cisco Adaptive Security Appliance Software 9.8(2)8 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%298
Cisco Adaptive Security Appliance Software 9.8(2)14 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%2914
Cisco Adaptive Security Appliance Software 9.8(2)17 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%2917
Cisco Adaptive Security Appliance Software 9.8(2)20 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%2920
Cisco Adaptive Security Appliance Software 9.8(2)24 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%2924
Cisco Adaptive Security Appliance Software 9.8(2)26 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%2926
Cisco Adaptive Security Appliance Software 9.8(2)28 cpe:/a:cisco:adaptive_security_appliance_software:9.8%282%2928
Cisco Adaptive Security Appliance Software 9.8(3) cpe:/a:cisco:adaptive_security_appliance_software:9.8%283%29
Cisco Adaptive Security Appliance Software 9.8.3.18 cpe:/a:cisco:adaptive_security_appliance_software:9.8.3.18
Cisco Adaptive Security Appliance Software 9.8.4 cpe:/a:cisco:adaptive_security_appliance_software:9.8.4
Cisco Adaptive Security Appliance Software 9.9 cpe:/a:cisco:adaptive_security_appliance_software:9.9
Cisco Adaptive Security Appliance Software 9.9(1) cpe:/a:cisco:adaptive_security_appliance_software:9.9%281%29
Cisco Adaptive Security Appliance Software 9.9(2) cpe:/a:cisco:adaptive_security_appliance_software:9.9%282%29
Cisco Adaptive Security Appliance Software 9.9(2)1 cpe:/a:cisco:adaptive_security_appliance_software:9.9%282%291
Cisco Adaptive Security Appliance Software 9.9.2.36 cpe:/a:cisco:adaptive_security_appliance_software:9.9.2.36
Cisco Adaptive Security Appliance Software 9.10 cpe:/a:cisco:adaptive_security_appliance_software:9.10
Cisco Adaptive Security Appliance Software 9.10.1.7 cpe:/a:cisco:adaptive_security_appliance_software:9.10.1.7
Cisco Adaptive Security Appliance Software 9.10.1.17 cpe:/a:cisco:adaptive_security_appliance_software:9.10.1.17
Cisco Adaptive Security Appliance Software 9.12 cpe:/a:cisco:adaptive_security_appliance_software:9.12
Cisco Firepower Threat Defense 6.2.0 cpe:/a:cisco:firepower_threat_defense:6.2.0
Cisco Firepower Threat Defense 6.2.0.1 cpe:/a:cisco:firepower_threat_defense:6.2.0.1
Cisco Firepower Threat Defense 6.2.0.2 cpe:/a:cisco:firepower_threat_defense:6.2.0.2
Cisco Firepower Threat Defense 6.2.0.3 cpe:/a:cisco:firepower_threat_defense:6.2.0.3
Cisco Firepower Threat Defense 6.2.0.4 cpe:/a:cisco:firepower_threat_defense:6.2.0.4
Cisco Firepower Threat Defense 6.2.0.5 cpe:/a:cisco:firepower_threat_defense:6.2.0.5
Cisco Firepower Threat Defense 6.2.1 cpe:/a:cisco:firepower_threat_defense:6.2.1
Cisco Firepower Threat Defense 6.2.2 cpe:/a:cisco:firepower_threat_defense:6.2.2
Cisco Firepower Threat Defense 6.2.2.1 cpe:/a:cisco:firepower_threat_defense:6.2.2.1
Cisco Firepower Threat Defense 6.2.2.2 cpe:/a:cisco:firepower_threat_defense:6.2.2.2
Cisco Firepower Threat Defense 6.2.2.3 cpe:/a:cisco:firepower_threat_defense:6.2.2.3
Cisco Firepower Threat Defense 6.2.2.4 cpe:/a:cisco:firepower_threat_defense:6.2.2.4
Cisco Firepower Threat Defense 6.2.2.5 cpe:/a:cisco:firepower_threat_defense:6.2.2.5
Cisco Firepower Threat Defense 6.2.3 cpe:/a:cisco:firepower_threat_defense:6.2.3
Cisco Firepower Threat Defense 6.2.3.1 cpe:/a:cisco:firepower_threat_defense:6.2.3.1
Cisco Firepower Threat Defense 6.2.3.2 cpe:/a:cisco:firepower_threat_defense:6.2.3.2
Cisco Firepower Threat Defense 6.2.3.3 cpe:/a:cisco:firepower_threat_defense:6.2.3.3
Cisco Firepower Threat Defense 6.2.3.4 cpe:/a:cisco:firepower_threat_defense:6.2.3.4
Cisco Firepower Threat Defense 6.2.3.5 cpe:/a:cisco:firepower_threat_defense:6.2.3.5
Cisco Firepower Threat Defense 6.2.3.6 cpe:/a:cisco:firepower_threat_defense:6.2.3.6
Cisco Firepower Threat Defense 6.2.3.7 cpe:/a:cisco:firepower_threat_defense:6.2.3.7
Cisco Firepower Threat Defense 6.2.3.9 cpe:/a:cisco:firepower_threat_defense:6.2.3.9
Cisco Firepower Threat Defense 6.2.3.10 cpe:/a:cisco:firepower_threat_defense:6.2.3.10
Cisco Firepower Threat Defense 6.3.0.1 cpe:/a:cisco:firepower_threat_defense:6.3.0.1
Cisco ASA 5505 Firmware 9.9(2.4) cpe:/o:cisco:asa_5505_firmware:9.9%282.4%29
Cisco ASA 5505 Firmware 201.4(1.21) cpe:/o:cisco:asa_5505_firmware:201.4%281.21%29
Cisco ASA 5510 Firmware 9.9(2.4) cpe:/o:cisco:asa_5510_firmware:9.9%282.4%29
Cisco ASA 5510 Firmware 201.4(1.21) cpe:/o:cisco:asa_5510_firmware:201.4%281.21%29
Cisco ASA 5512-X Firmware 9.9(2.4) cpe:/o:cisco:asa_5512-x_firmware:9.9%282.4%29
Cisco ASA 5512-X Firmware 201.4(1.21) cpe:/o:cisco:asa_5512-x_firmware:201.4%281.21%29
Cisco ASA 5515-X Firmware 9.9(2.4) cpe:/o:cisco:asa_5515-x_firmware:9.9%282.4%29
Cisco ASA 5515-X Firmware 201.4(1.21) cpe:/o:cisco:asa_5515-x_firmware:201.4%281.21%29
Cisco ASA 5520 Firmware 9.9(2.4) cpe:/o:cisco:asa_5520_firmware:9.9%282.4%29
Cisco ASA 5520 Firmware 201.4(1.21) cpe:/o:cisco:asa_5520_firmware:201.4%281.21%29
Cisco ASA 5525-X Firmware 9.9(2.4) cpe:/o:cisco:asa_5525-x_firmware:9.9%282.4%29
Cisco ASA 5525-X Firmware 201.4(1.21) cpe:/o:cisco:asa_5525-x_firmware:201.4%281.21%29
Cisco ASA 5540 Firmware 9.9(2.4) cpe:/o:cisco:asa_5540_firmware:9.9%282.4%29
Cisco ASA 5540 Firmware 201.4(1.21) cpe:/o:cisco:asa_5540_firmware:201.4%281.21%29
Cisco ASA 5545-X Firmware 9.9(2.4) cpe:/o:cisco:asa_5545-x_firmware:9.9%282.4%29
Cisco ASA 5545-X Firmware 201.4(1.21) cpe:/o:cisco:asa_5545-x_firmware:201.4%281.21%29
Cisco ASA 5550 Firmware 9.9(2.4) cpe:/o:cisco:asa_5550_firmware:9.9%282.4%29
Cisco ASA 5550 Firmware 201.4(1.21) cpe:/o:cisco:asa_5550_firmware:201.4%281.21%29
Cisco ASA 5555-X Firmware 9.9(2.4) cpe:/o:cisco:asa_5555-x_firmware:9.9%282.4%29
Cisco ASA 5555-X Firmware 201.4(1.21) cpe:/o:cisco:asa_5555-x_firmware:201.4%281.21%29
Cisco ASA 5580 Firmware 9.9(2.4) cpe:/o:cisco:asa_5580_firmware:9.9%282.4%29
Cisco ASA 5580 Firmware 201.4(1.21) cpe:/o:cisco:asa_5580_firmware:201.4%281.21%29

CWE

CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')
The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.

History of changes

Date Event
2019-10-10 18:13
2019-10-02 19:17 New CVE