Posted on

VU#339704: Cisco ASA and FTD SIP Inspection denial-of-service vulnerability

Cisco Adaptive Security Appliance(ASA)software and Cisco Firepower Threat Defense(FTD)software fails to properly parse SIP traffic,which can allow an attacker to trigger high CPU usage,resulting in a denial-of-service condition on affected devices. This vulnerability is exposed if SIP Inspection is enabled on affected devices,which is the default configuration on ASA devices. The Cisco SIP Inspection feature is advertised to”… enforce the sanity of the SIP messages,as well as detect SIP-based attacks.”

Leave a Reply

Your email address will not be published. Required fields are marked *