CVE-2015-0675

Cisco ASA 9.1-9.3 Remote Reconfiguration via Failover IPSec UDP Packets


Description

The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication messages, which allows remote attackers to reconfigure an ASA device, and consequently obtain administrative control, by sending crafted UDP packets over the local network to the failover interface, aka Bug ID CSCur21069.

References (2)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032045

Scores

EPSS 0.0097
EPSS Percentile 57.4%

Details

CWE CWE-284
Status published
Products (23)
cisco/adaptive_security_appliance_software 9.1.1
cisco/adaptive_security_appliance_software 9.1.1.4
cisco/adaptive_security_appliance_software 9.1.2
cisco/adaptive_security_appliance_software 9.1.2.8
cisco/adaptive_security_appliance_software 9.1.3
cisco/adaptive_security_appliance_software 9.1.3.2
cisco/adaptive_security_appliance_software 9.1.4
cisco/adaptive_security_appliance_software 9.1.4.5
cisco/adaptive_security_appliance_software 9.1.5
cisco/adaptive_security_appliance_software 9.1.5.10
... and 13 more
Published Apr 13, 2015
Tracked Since Feb 18, 2026