发布日期：2019-06-20
更新日期：2019-06-28

受影响系统：

Cisco Firepower Threat Defense Software 6.2.3
Cisco Firepower Threat Defense Software 6.2.3
Cisco Firepower Threat Defense Software 6.2.2
Cisco Firepower Threat Defense Software 6.2.2
Cisco Firepower Threat Defense Software 6.2.1
Cisco Firepower Threat Defense Software 6.2.1
Cisco Firepower Threat Defense Software 6.2
Cisco Firepower Threat Defense Software 6.2
Cisco Adaptive Security Appliance (ASA) Software 9.9
Cisco Adaptive Security Appliance (ASA) Software 9.8
Cisco Adaptive Security Appliance (ASA) Software 9.7
Cisco Adaptive Security Appliance (ASA) Software 9.6
Cisco Adaptive Security Appliance (ASA) Software 9.5
Cisco Adaptive Security Appliance (ASA) Software 9.4
Cisco Adaptive Security Appliance (ASA) Software 9.3
Cisco IOS XE Software
Cisco ASR 1000 Series Routers
Cisco Adaptive Security Appliance (ASA) 5500-X Series
Cisco 4000 Series

不受影响系统：

Cisco Firepower Threat Defense Software 6.2.3.1
Cisco Firepower Threat Defense Software 6.2.2.3
Cisco Adaptive Security Appliance (ASA) Software 9.9.2.2
Cisco Adaptive Security Appliance (ASA) Software 9.8.2.26
Cisco Adaptive Security Appliance (ASA) Software 9.6.4.8
Cisco Adaptive Security Appliance (ASA) Software 9.4.4.18

描述：

---

BUGTRAQ  ID: 105418
CVE(CAN) ID: CVE-2018-0472

思科系统公司是互联网解决方案的领先提供者，其设备和软件产品主要用于连接计算机网络系统。
多个Cisco IOS XE软件平台和Cisco ASA 5500-X系列自适应安全设备（ASA）的IPsec驱动程序代码中的漏洞可能允许未经身份验证的远程攻击者导致设备重新加载。该漏洞是由于格式错误的IPsec身份验证标头（AH）或封装安全负载（ESP）数据包的处理不当造成的。
攻击者可以通过发送格式错误的IPsec数据包来利用此漏洞，以便受影响的设备进行处理。攻击可能允许攻击者重新加载受影响的设备。

<*链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-20180926-ipsec）以及相应补丁:
cisco-sa-20180926-ipsec：Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability
链接：https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec

补丁下载：

浏览次数：1279
严重程度：0（网友投票）