A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/108166 | Third Party Advisory VDB Entry |
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos | Vendor Advisory |
http://www.securityfocus.com/bid/108166 | Third Party Advisory VDB Entry |
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/108166 - Third Party Advisory, VDB Entry | |
References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos - Vendor Advisory |
15 Aug 2023, 15:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* |
29 Oct 2021, 18:41
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-401 |
Information
Published : 2019-05-03 16:29
Updated : 2024-11-21 04:37
NVD link : CVE-2019-1708
Mitre link : CVE-2019-1708
CVE.ORG link : CVE-2019-1708
JSON object : View
Products Affected
cisco
- asa_5516-x
- asa_5545-x
- adaptive_security_appliance_software
- asa-5525-x
- asa-5555-x
- firepower_threat_defense
- asa_5506w-x
- asa-5506-x
- asa_5508-x
- asa_5506h-x