Test ID:	1.3.6.1.4.1.25623.1.0.107065
Category:	CISCO
Title:	Cisco ASA Software Local Certificate Authority Denial of Service Vulnerability (cisco-sa-20161019-asa-ca)
Summary:	A vulnerability in the local Certificate Authority (CA) feature; of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the; affected system.
Description:	Summary: A vulnerability in the local Certificate Authority (CA) feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. Vulnerability Insight: The vulnerability is due to improper handling of crafted packets during the enrollment operation. An attacker could exploit this vulnerability by sending a crafted enrollment request to the affected system. Note: Only HTTPS packets directed to the Cisco ASA interface, where the local CA is allowing user enrollment, can be used to trigger this vulnerability. This vulnerability affects systems configured in routed firewall mode and in single or multiple context mode. Vulnerability Impact: An exploit could allow the attacker to cause the reload of the affected system. Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6431 BugTraq ID: 93786 http://www.securityfocus.com/bid/93786 http://www.securitytracker.com/id/1037060
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.