HomePentest-Tools.com Logo

Cisco ASA Health and Performance Monitor DoS Vulnerability (cisco-sa-20141008-asa) CVE-2014-3385

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

A vulnerability in Health and Performance Monitoring (HPM) for ASDM functionality of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of an affected device and eventual denial of service (DoS) condition.

Risk description

The vulnerability is due to a race condition in the operation of the HPM functionality. An attacker could exploit this vulnerability by sending a large number of half-open simultaneous connections to be established through the affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending a large number of half-open simultaneous connections to be established through a targeted device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 10, 2014
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available