Test ID:	1.3.6.1.4.1.25623.1.0.106049
Category:	CISCO
Title:	Cisco ASA Multiple OpenSSL Vulnerabilities (cisco-sa-20150612-openssl)
Summary:	Cisco ASA is prone to multiple vulnerabilities in the OpenSSL; library.
Description:	Summary: Cisco ASA is prone to multiple vulnerabilities in the OpenSSL library. Vulnerability Insight: On June 11, 2015, the OpenSSL Project released a security advisory detailing six distinct vulnerabilities, and another fix that provides hardening protections against exploits as described in the Logjam research. Two of the vulnerabilities apply to Cisco ASA products. Vulnerability Impact: The vulnerability may lead to a denial of service condition. Affected Software/OS: Cisco ASA version 7.2, 8.2, 8.4, 8.5, 8.6, 8.7, 9.0, 9.1, 9.2, 9.3 and 9.4. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-1790 1032564 http://www.securitytracker.com/id/1032564 20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl 75157 http://www.securityfocus.com/bid/75157 91787 http://www.securityfocus.com/bid/91787 APPLE-SA-2015-08-13-2 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html DSA-3287 http://www.debian.org/security/2015/dsa-3287 FEDORA-2015-10047 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html FEDORA-2015-10108 http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html GLSA-201506-02 https://security.gentoo.org/glsa/201506-02 HPSBGN03371 http://marc.info/?l=bugtraq&m=143654156615516&w=2 HPSBMU03409 http://marc.info/?l=bugtraq&m=144050155601375&w=2 HPSBUX03388 http://marc.info/?l=bugtraq&m=143880121627664&w=2 NetBSD-SA2015-008 http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc RHSA-2015:1115 http://rhn.redhat.com/errata/RHSA-2015-1115.html RHSA-2015:1197 http://rhn.redhat.com/errata/RHSA-2015-1197.html SSRT102180 SUSE-SU-2015:1143 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html SUSE-SU-2015:1150 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html SUSE-SU-2015:1181 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html SUSE-SU-2015:1182 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html SUSE-SU-2015:1183 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html SUSE-SU-2015:1184 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html SUSE-SU-2015:1185 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html USN-2639-1 http://www.ubuntu.com/usn/USN-2639-1 http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733 http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015 http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html https://bto.bluecoat.com/security-advisory/sa98 https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965 https://kc.mcafee.com/corporate/index?page=content&id=SB10122 https://openssl.org/news/secadv/20150611.txt https://support.apple.com/kb/HT205031 https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11 https://www.openssl.org/news/secadv_20150611.txt openSUSE-SU-2015:1139 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html openSUSE-SU-2015:1277 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html openSUSE-SU-2016:0640 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-1791 1032479 http://www.securitytracker.com/id/1032479 75161 http://www.securityfocus.com/bid/75161 http://www-304.ibm.com/support/docview.wss?uid=swg21960041 https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 https://support.citrix.com/article/CTX216642
Copyright	Copyright (C) 2015 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.