Thursday, November 1, 2018

New Cisco ASA SIP inspection engine DoS Vulnerability CVE-2018-15454 - no patch yet

FYI, I hadn't seen this posted here yet, and there are some reports of this out in the wild: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos

"Vulnerable Products

This vulnerability affects Cisco ASA Software Release 9.4 and later and Cisco FTD Software Release 6.0 and later if SIP inspection is enabled and the software is running on any of the following Cisco products:

- 3000 Series Industrial Security Appliance (ISA)
- ASA 5500-X Series Next-Generation Firewalls
- ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
- Adaptive Security Virtual Appliance (ASAv)
- Firepower 2100 Series Security Appliance
- Firepower 4100 Series Security Appliance
- Firepower 9300 ASA Security Module
- FTD Virtual (FTDv)

SIP inspection is enabled by default in both Cisco ASA Software and Cisco FTD Software."

Cross posted from https://www.reddit.com/r/Cisco/comments/9t6b6d/new_asa_vulnerability_in_sip_inpection/

Some users there are reporting they have already been hit.
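To triage saved ASA configurations against the two conditions quoted above (Release 9.4 or later, SIP inspection enabled), here is an added example that is not from the original post or from Cisco's advisory. It assumes a text copy of the running configuration that starts with an `ASA Version` header line; the function names and the sample config are constructed for illustration. It covers ASA only, not FTD, and does not check whether the policy-map is actually applied by a `service-policy`.

```python
import re

# Constructed sample of an ASA running-config excerpt (assumed format, not from the page).
SAMPLE_CONFIG = """\
ASA Version 9.8(2)
!
policy-map type inspect sip strict_sip
 parameters
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect sip
policy-map voice_policy
 class voice_traffic
  inspect sip strict_sip
service-policy global_policy global
"""

VERSION_RE = re.compile(r"^ASA Version (\d+)\.(\d+)", re.M)


def asa_version(config):
    """Return (major, minor) from the 'ASA Version' header line, or None."""
    m = VERSION_RE.search(config)
    return (int(m.group(1)), int(m.group(2))) if m else None


def sip_inspection_locations(config):
    """List (policy-map, class) pairs that contain an 'inspect sip' action."""
    hits, pmap, cls = [], None, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("policy-map "):
            # 'policy-map type inspect ...' defines parameters, not an action.
            pmap = None if line.startswith("policy-map type ") else line.split()[1]
            cls = None
        elif raw[:1] not in (" ", "\t"):
            pmap = cls = None  # an unindented line ends the policy-map block
        elif pmap and line.startswith("class "):
            cls = line.split()[1]
        elif pmap and re.match(r"inspect sip\b", line):
            hits.append((pmap, cls))
    return hits


def exposed(config):
    """True when the release is 9.4 or later and SIP inspection is present."""
    ver = asa_version(config)
    return bool(ver and ver >= (9, 4) and sip_inspection_locations(config))
```

The version is compared as an integer tuple, so a release such as 9.12 is correctly treated as later than 9.4.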


