

This vulnerability is due to insufficient traffic validation for the SIP ALG.
In addition, a software release that is affected by one of the vulnerabilities may not be affected by the other vulnerability.

Details about the vulnerabilities are as follows:

CVE-2021-34790: Cisco ASA Software and Cisco FTD Software Session Initiation Protocol ALG Bypass Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) ALG for the NAT feature of Cisco ASA Software and Cisco FTD Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. Exploitation of one of the vulnerabilities is not required to exploit the other vulnerability. The vulnerabilities are not dependent on one another.

For a complete list of the advisories and links to them, see Cisco Event Response: October 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. This advisory is part of the October 2021 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. This advisory is available at the following link:

There are no workarounds that address this vulnerability.

Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

Cisco has released software updates that address this vulnerability.

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG.

For more information about these vulnerabilities, see the Details section of this advisory.
