Vulnérabilité SIP matos Cisco

Discussions sur la sécurisation des protocoles, les authentifications, les CVE, les failles de sécu, le chiffrement,...
Répondre
Avatar du membre

Auteur du sujet
Mackguil
Modérateur globaux
Modérateur globaux
Messages : 3902
Enregistré le : 31 oct. 2017, 18:35
Localisation : Tx

Vulnérabilité SIP matos Cisco

Message par Mackguil » 02 nov. 2018, 21:28

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device.


Source: https://tools.cisco.com/security/center ... td-sip-dos

Répondre