IKE Request Processing Flaw in Cisco ASA 5500 Series Devices
CVE-2011-3309

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance
Vendor: CVE Published:; 2 May 2012

Summary

Cisco Adaptive Security Appliances (ASA) 5500 series, running on software versions 8.2 through 8.4, exhibit a vulnerability wherein they process Internet Key Exchange (IKE) requests even with VPN client mode configuration enabled. This flaw allows remote attackers to intercept and read IKE responder traffic, creating a risk of exposure to potentially sensitive information. This issue is recognized under Bug ID CSCtt07749 and could lead to significant security implications if unaddressed.

References

http://www.securitytracker.com/id?1027008

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/web/software/280775065/45357/ASA-825...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 2, 2012
Vulnerability Reserved
Aug 29, 2011