vulnerability

Cisco ASA: CVE-2016-1312: Content Security and Control Security Services Module Denial of Service Vulnerability (cisco-sa-20160309-csc)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	2016-03-09	2018-04-27	2018-07-26

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

2016-03-09

Added

2018-04-27

Modified

2018-07-26

Description

The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147.

Solution

cisco-asa-upgrade-6_6_1157

References

BID-84281
CVE-2016-1312
https://attackerkb.com/topics/CVE-2016-1312
URL-http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-csc

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today