<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=381391698926062&amp;ev=PageView&amp;noscript=1">
//mega nav ctas

Cisco Adaptive Security Appliance (ASA) SNMP Remote Code Execution Vulnerability

Posted On: August 18, 2016

Topic: Security

network_management (2).jpgVulnerability Description
A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.

The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability.

Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only.

Cisco has not released software updates that address this vulnerability. There are workarounds that address this vulnerability.”

Cisco Advisory: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp


Affected Products

Affected Cisco ASA Software running on the following products may be affected by this vulnerability:
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco ASA 5500-X Series Next-Generation Firewalls
Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
Cisco ASA 1000V Cloud Firewall
Cisco Adaptive Security Virtual Appliance (ASAv)
Cisco Firepower 9300 ASA Security Module
Cisco PIX Firewalls
Cisco Firewall Services Module (FWSM)
All versions of SNMP are affected by this vulnerability.


NOTE:

  1. We are further securing ReliaCloud’s core infrastructure against this vulnerability.
  2. We are increasing our monitoring and alerting for any related activity that might increase risk due to this vulnerability.
  3. We are assessing all of our managed customer devices and where possible, developing a plan to secure those assets against this vulnerability.

 

OneNeck customers have access to our security experts at any time to discuss how a vulnerability impacts them and steps to secure their environment. Additional OneNeck services help our customers assess, secure, and manage their IT environment. Contact your account manager to get started.

OneNeck Managed Services
For our managed services customers, OneNeck provides critical patching either included in your fixed monthly fees or as an optional service.

OneNeck Infrastructure Security Assessment
This includes automated scanning to identify the vulnerable systems, plus our expert analysis to create an effective remediation plan. The assessment will also point out other known vulnerabilities. A complete Infrastructure Security Assessment includes professional review of the security architecture and device configurations.

OneNeck Security Solutions
Our leading security vendors provide solutions to mitigate the risk of these issues.  Contact us to architect a complete security solution protecting your network, applications, and client devices. OneNeck also offers security solutions as-­‐a-­‐service through our hosted offerings.

OneNeck Security Management
Monitoring your environment and quickly responding to new security issues is critical to maintaining security. OneNeck’s managed security services and Security Information and Event Management (SIEM) solutions provide the proactive notification to address incidents immediately.