Test Kennung:	1.3.6.1.4.1.25623.1.0.106079
Kategorie:	CISCO
Titel:	Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability (cisco-sa-20160517-asa-xml)
Zusammenfassung:	A vulnerability in XML parser code of Cisco Adaptive Security; Appliance Software could allow an authenticated, remote attacker to cause system instability or a; reload of the affected system.
Beschreibung:	Summary: A vulnerability in XML parser code of Cisco Adaptive Security Appliance Software could allow an authenticated, remote attacker to cause system instability or a reload of the affected system. Vulnerability Insight: The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways by utilizing a malicious file. An attacker with administrative privileges could exploit this by uploading a malicious XML file on the system and trigger the XML code to parse the malicious file. Additionally, an attacker with Clienteles SSL VPN access could exploit this vulnerability by sending a crafted XML file. Vulnerability Impact: An exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1385 Cisco Security Advisory: 20160517 Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml http://www.securitytracker.com/id/1035976
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.