Guest

Preview Tool

Cisco Bug: CSCus47259 - Cisco ASA XAUTH Bypass Vulnerability

Last Modified

Nov 08, 2016

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

8.0(2)

Description (partial)

Symptoms:
Due to a vulnerability in the IKEv1 code is it possible to bypass XAUTH authentication by sending crafted IKE messages

Conditions:
This applies only to deployment configured with Remote VPN and IKEv1.
The knowledge of the PSK or a valid certificate is needed to perform the attack.

This vulnerabilities affects only the following trains:
- 7.x
- 8.0
- 8.1
- 8.2 prior to 8.2.2.13

This issue has been fixed as part of another bug:  CSCtg28821
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.