Denial of Service Vulnerability in Cisco Adaptive Security Appliances
CVE-2012-2472

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance
Vendor: CVE Published:; 6 August 2012

Summary

The vulnerability exists in the Cisco Adaptive Security Appliances (ASA) 5500 series devices when SIP inspection is enabled, leading to the creation of multiple identical pre-allocated secondary pinholes. This behavior can be exploited by remote attackers through specially crafted SIP traffic, resulting in excessive CPU usage and potential denial of service. The issue affects specific software versions, highlighting the need for vigilance in network security configurations.

References

http://www.cisco.com/en/US/docs/security/asa/asa84/releas...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 6, 2012