Cisco Secure Firewall ASA and FTD Software VPN Web Server Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This vulnerability allows an unauthenticated, remote attacker to cause a DoS condition on the affected device. The issue arises from ineffective memory management in the VPN web server, which can be exploited by sending a large number of crafted HTTP requests. A successful exploit may cause the device to reload, leading to a DoS condition.

Impact

Exploitation of this vulnerability causes the affected device to reload, creating a denial-of-service condition.

Remediation

Cisco has released software updates to address this vulnerability. For instructions on upgrading Cisco Secure FTD devices, refer to the Cisco Secure FMC upgrade guide. To determine the best release to upgrade to, consult the Cisco Secure Firewall Threat Defense Compatibility Guide.