Guest

Preview Tool

Cisco Bug: CSCus79777 - Cisco SMA TCP Flood Denial of Service Vulnerability

Last Modified

Feb 07, 2017

Products (1)

  • Cisco Content Security Management Appliance

Known Affected Releases

7.8.0-328 7.8.1-001 7.9.0-201 7.9.2-116 8.0.1-031 8.1.0-001 8.1.1-033 8.1.2-000 8.2.0-238 8.3.0-350 8.3.5-061 8.3.6-014 8.3.7-010 8.4.0-150 9.0.0-073 9.1.0-004

Description (partial)

Symptom:
A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA)
and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected
device from accepting new TCP connections.

The vulnerability is due to improper handling of TCP packets sent at a high rate. An attacker could exploit this vulnerability by sending crafted
TCP packets to the affected system.

Note: A full device reload is needed to recover the system to an operational state.

Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is
available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-aos

Conditions:
See Security Advisory
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.