IPSec Client Authentication Vulnerability in Cisco PIX and ASA Devices
CVE-2008-2733

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix; Adaptive Security Appliance 5500
Vendor: CVE Published:; 4 September 2008

Summary

Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices are susceptible to vulnerabilities when configured as VPN client endpoints. These vulnerabilities arise from improper handling of IPSec client authentication, allowing remote attackers to exploit this weakness. By sending specifically crafted authentication requests, attackers can trigger a device reload, leading to a denial of service scenario. This can impact network availability and compromise endpoint security.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/44867

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1020811

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 4, 2008
Vulnerability Reserved
Jun 16, 2008