Cisco ASA failover Command Injection Vulnerability (CVE-2015-0675)
Cisco ASA 1, 5500
CVE (CAN) ID: CVE-2015-0675
The Cisco ASA 5500 Series Adaptive Security Device is a modular platform for providing security and VPN services. It provides firewall, IPS, anti-X, and VPN services.
The failover ipsec function of Cisco ASA Software has a security vulnerability. The attacker sends configuration commands to all failover devices through the failover interface, resulting in active and available faulty devices. This vulnerability is caused by the failure to properly handle secure failover communication messages.
<* Source: Cisco
Cisco has released a Security Bulletin (cisco-sa-20150408-asa) and patches for this:
Cisco-sa-20150408-asa: Multiple Vulnerabilities in Cisco ASA Software
This article permanently updates the link address: