Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Type
在移除最后引用时对内存的释放不恰当(内存泄露)
Vulnerability Title
Cisco多款产品 安全漏洞
Vulnerability Description
Cisco IOS等都是美国思科(Cisco)公司的产品。Cisco IOS是一套为其网络设备开发的操作系统。Cisco Adaptive Security Appliances Software(ASA Software)是一套防火墙和网络安全平台。Cisco IOS XE是一个操作系统。 Cisco多款产品存在安全漏洞,该漏洞源于IKEv2数据包处理不当,可能导致内存泄漏和拒绝服务攻击。以下产品受到影响:Cisco IOS、IOS XE、Adaptive Security Appliance Soft
CVSS Information
N/A
Vulnerability Type
N/A