Back to search
CVE-2015-4550
Published: Jun 17, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with software 9.3(3) and 9.4(1.1) does not verify the AES-GCM Integrity Check Value (ICV) octets, which makes it easier for man-in-the-middle attackers to spoof IPSec and IKEv2 traffic by modifying packet data, aka Bug ID CSCuu66218.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
75269
vdb-entry
x_refsource_BID
1032595
vdb-entry
x_refsource_SECTRACK
20150616 Cisco Adaptive Security Appliance Encrypted IPSec or IKEv2 Packet Modification Vulnerability
vendor-advisory
x_refsource_CISCO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now