HomePentest-Tools.com Logo

Cisco ASA Management Interface XML Parser DoS Vulnerability (cisco-sa-20151123-asa) CVE-2015-6379

Not available
CVSSv3 Score
Not available
Vulnerability description

A vulnerability in the XML parser of the management interface of Cisco ASA may lead to a denial of service.

Risk description

The vulnerability is due to insufficient hardening of the XML parser code. Cisco ASA may process a crafted XML file if the file is passed through the management interface or when performing activities with the auto update server AUS. In all cases a valid authentication on the device or a valid AUS server would need to be used in order to provide an XML file. An authenticated, remote attacker could cause system instability and possibly crash an affected system.


See the referenced vendor advisory for a solution.

Not available
Detectable with
Network Scanner
Scan engine
Exploitable with Sniper
CVE Published
Nov 25, 2015
Detection added at
Software Type
Not available
Not available
Not available