Vulnerability Description
A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. The vulnerability is due to an issue with the remote access VPN session manager. An attacker could exploit this vulnerability by requesting an excessive number of remote access VPN sessions. An exploit could allow the attacker to cause a DoS condition.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Adaptive Security Appliance Software | >= 9.4, < 9.4.4.34 |
| Cisco | Asa 5506-X | - |
| Cisco | Asa 5506H-X | - |
| Cisco | Asa 5506W-X | - |
| Cisco | Asa 5508-X | - |
| Cisco | Asa 5516-X | - |
| Cisco | Asa 5525-X | - |
| Cisco | Asa 5545-X | - |
| Cisco | Asa 5555-X | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/108151Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/108151Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2019-1705?
CVE-2019-1705 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition...
How severe is CVE-2019-1705?
CVE-2019-1705 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-1705?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Asa 5506-X, Cisco Asa 5506H-X, Cisco Asa 5506W-X, Cisco Asa 5508-X.