Synopsis
The remote device is missing a vendor-supplied security patch.
Description
The remote Cisco ASA device is affected by one or more of the following vulnerabilities:
- An issue exists in the Adaptive Security Device Manager (ASDM) due to improper privilege assignment to users with a privilege level of zero. This issue allows an authenticated, remote attacker to gain administrative privileges. (CVE-2014-2126)
- An issue exists in the SSL VPN portal when the Clientless SSL VPN feature is used due to improper handling of management session information. An authenticated, remote attacker can exploit this to gain administrative privileges. (CVE-2014-2127)
- An issue exists in the SSL VPN feature due to improper handling of authentication cookies. An unauthenticated, remote attacker can exploit this to bypass authentication, resulting in unauthorized access to internal network resources. (CVE-2014-2128)
- An issue exists in the SIP inspection engine due to improper handling of SIP packets. An unauthenticated, remote attacker can exploit this to cause memory exhaustion, resulting in a denial of service.
Note that the verification check for the presence of CVE-2014-2128 is a best-effort approach and may result in false positives.
Solution
Apply the relevant patch or workaround referenced in Cisco Security Advisory cisco-sa-20140409-asa.