Details of VAR-201508-0490

ID

VAR-201508-0490

CVE

CVE-2015-4321

TITLE

Cisco Adaptive Security Appliance Software Unicast Reverse Path Forwarding In the implementation of uRPF Vulnerabilities that are bypassed

Trust: 0.8

sources: JVNDB: JVNDB-2015-004361

DESCRIPTION

The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724. Vendors have confirmed this vulnerability Bug ID CSCuv60724 It is released as.Via a forged packet by a third party, uRPF May be bypassed. Cisco Adaptive Security Appliance Software is prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCuv60724. The appliance also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, anti-spam, and more. The vulnerability comes from the fact that the program does not perform uRPF authentication correctly. The following releases are affected: Cisco ASA Release 9.3(1.50), Release 9.3(2.100), Release 9.3(3), Release 9.4(1)

Trust: 1.98

sources: NVD: CVE-2015-4321 // JVNDB: JVNDB-2015-004361 // BID: 76325 // VULHUB: VHN-82282

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3\(3\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3\(2.100\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3\(1.50\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4.1	Trust: 1.1
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3 (1.50)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3 (2.100)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3.3	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(2.100)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3(1.50)	Trust: 0.3

sources: BID: 76325 // JVNDB: JVNDB-2015-004361 // CNNVD: CNNVD-201508-388 // NVD: CVE-2015-4321

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-4321
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-4321
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201508-388
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-82282
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-4321
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-82282
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-82282 // JVNDB: JVNDB-2015-004361 // CNNVD: CNNVD-201508-388 // NVD: CVE-2015-4321

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-82282 // JVNDB: JVNDB-2015-004361 // NVD: CVE-2015-4321

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201508-388

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201508-388

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004361

PATCH

title:

40440

url:

http://tools.cisco.com/security/center/viewAlert.x?alertId=40440

Trust: 0.8

sources: JVNDB: JVNDB-2015-004361

EXTERNAL IDS

db:	NVD	id:	CVE-2015-4321	Trust: 2.8
db:	SECTRACK	id:	1033265	Trust: 1.1
db:	BID	id:	76325	Trust: 1.0
db:	JVNDB	id:	JVNDB-2015-004361	Trust: 0.8
db:	CNNVD	id:	CNNVD-201508-388	Trust: 0.7
db:	SEEBUG	id:	SSVID-89605	Trust: 0.1
db:	VULHUB	id:	VHN-82282	Trust: 0.1

sources: VULHUB: VHN-82282 // BID: 76325 // JVNDB: JVNDB-2015-004361 // CNNVD: CNNVD-201508-388 // NVD: CVE-2015-4321

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=40440	Trust: 2.0
url:	http://www.securitytracker.com/id/1033265	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4321	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4321	Trust: 0.8
url:	http://www.securityfocus.com/bid/76325	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps12726/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-82282 // BID: 76325 // JVNDB: JVNDB-2015-004361 // CNNVD: CNNVD-201508-388 // NVD: CVE-2015-4321

CREDITS

Cisco

Trust: 0.9

sources: BID: 76325 // CNNVD: CNNVD-201508-388

SOURCES

db:	VULHUB	id:	VHN-82282
db:	BID	id:	76325
db:	JVNDB	id:	JVNDB-2015-004361
db:	CNNVD	id:	CNNVD-201508-388
db:	NVD	id:	CVE-2015-4321

LAST UPDATE DATE

2024-11-23T21:43:57.346000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-82282	date:	2017-09-21T00:00:00
db:	BID	id:	76325	date:	2015-08-12T00:00:00
db:	JVNDB	id:	JVNDB-2015-004361	date:	2015-08-25T00:00:00
db:	CNNVD	id:	CNNVD-201508-388	date:	2015-08-18T00:00:00
db:	NVD	id:	CVE-2015-4321	date:	2024-11-21T02:30:49.733

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-82282	date:	2015-08-20T00:00:00
db:	BID	id:	76325	date:	2015-08-12T00:00:00
db:	JVNDB	id:	JVNDB-2015-004361	date:	2015-08-25T00:00:00
db:	CNNVD	id:	CNNVD-201508-388	date:	2015-08-18T00:00:00
db:	NVD	id:	CVE-2015-4321	date:	2015-08-20T10:59:09.950