The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782.
References
Configurations
Configuration 1 (hide)
|
History
11 Aug 2023, 18:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:* |
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:* |
Information
Published : 2016-01-15 03:59
Updated : 2024-02-28 15:21
NVD link : CVE-2015-6423
Mitre link : CVE-2015-6423
CVE.ORG link : CVE-2015-6423
JSON object : View
Products Affected
cisco
- adaptive_security_appliance_software
CWE
CWE-264
Permissions, Privileges, and Access Controls