Cisco AsyncOS For Cisco Email Security Appliance Cluster Denial Of Service Vulnerabilities
24 Sep. 2015
Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.0-461, when clustering is enabled, allows remote attackers to cause a denial of service (clustering and SSH outage) via a packet flood
The information has been provided by Cisco.
A vulnerability in the clustering component of Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the device to become unresponsive on the clustering and SSH configured ports.The vulnerability is due to improper handling of packets sent at a high rate when the system is configured for clustering. An attacker could exploit this vulnerability by sending packets to the targeted system at a high rate. An exploit could allow the attacker to cause the affected system to become unresponsive on the clustering and SSH configured ports, causing all new connections to these ports to fail. A reload is required to restore normal operational behavior. Cisco has confirmed the vulnerability and released software updates.