The vulnerability was discovered during the resolution of a Cisco TAC support case and reported by Cisco PSIRT.
Vulnerability details
Vulnerable component: Cisco ASA 5500-X Series
CVE-ID: CVE-2018-15454
CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:U/RC:C
CWE-ID: CWE-20 - Improper input validation
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of SIP traffic. A remote attacker can send specially crafted SIP packets to the affected device, cause high CPU load that may lead to denial of service conditions.
Note, this vulnerability is being actively exploited in the wild against a limited number of targets.