Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability
Various Cisco ASA products may be affected by this vulnerability, given the common vulnerability and exposures designation of CVE-2016-1287.
A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) and IKE version 2 (v2) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 and IPv6 traffic.
Cisco has released software updates that address this vulnerability. We will embark on a series of recommended upgrade paths to the software on relevant managed Cisco products that we host. This will involve minimal downtime during the necessary reboot of the ASA devices concerned.
For more information see:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
Or search for
‘ CVE-2016-1287 ‘
If you have any further questions, please email support@netnorth.co.uk
Regards
Netnorth Support