Vulnerability Description
The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Adaptive Security Appliance Software | 9.3\(1.50\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40440Vendor Advisory
- http://www.securitytracker.com/id/1033265
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40440Vendor Advisory
- http://www.securitytracker.com/id/1033265
FAQ
What is CVE-2015-4321?
CVE-2015-4321 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to ...
How severe is CVE-2015-4321?
CVE-2015-4321 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4321?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software.