A vulnerability in the remote access SSL VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper validation of errors that are logged as a result of client connections that are made using remote access VPN. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to cause the affected device to restart, resulting in a DoS condition.
2022-05-03T04:15:09.000
2024-11-21T06:43:23.783
Modified
CVSSv3.1: 8.6 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:C
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | cisco | firepower_threat_defense | < 6.4.0.15 | Yes |
| Application | cisco | firepower_threat_defense | < 6.6.5.2 | Yes |
| Application | cisco | firepower_threat_defense | < 7.0.2 | Yes |
| Application | cisco | firepower_threat_defense | 7.1.0 | Yes |
| Operating System | cisco | adaptive_security_appliance_software | < 9.8.4.44 | Yes |
| Operating System | cisco | adaptive_security_appliance_software | < 9.12.4.38 | Yes |
| Operating System | cisco | adaptive_security_appliance_software | < 9.14.4 | Yes |
| Operating System | cisco | adaptive_security_appliance_software | < 9.15.1.21 | Yes |
| Operating System | cisco | adaptive_security_appliance_software | < 9.16.2.14 | Yes |
| Operating System | cisco | adaptive_security_appliance_software | < 9.17.1.7 | Yes |