A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a crash and reload of the affected device.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Aug 2023, 16:18
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco adaptive Security Appliance Software
|
|
CPE | cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* |
21 Oct 2022, 19:43
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo |
09 May 2021, 03:24
Type | Values Removed | Values Added |
---|---|---|
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC - Vendor Advisory | |
CPE | cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.8
v3 : 7.5 |
29 Apr 2021, 18:48
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-29 18:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-1501
Mitre link : CVE-2021-1501
CVE.ORG link : CVE-2021-1501
JSON object : View
Products Affected
cisco
- adaptive_security_appliance_software
- firepower_threat_defense
CWE