Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability

Advisory ID: cisco-sa-20120912-asacx

Revision 1.0

For Public Release 2012 September 12 16:00 UTC (GMT)
+---------------------------------------------------------------------

Summary
=======

Cisco ASA-CX Context-Aware Security appliance and Cisco Prime Security
Manager (PRSM) contain a denial of service (DoS) vulnerability in
versions prior to 9.0.2-103.

Successful exploitation of this vulnerability on the Cisco ASA-CX
could cause the device to stop processing user traffic and prevent
management access to the Cisco ASA-CX. Successful exploitation of this
vulnerability on the Cisco PRSM could cause the software to become
unresponsive and unavailable.

There are no workarounds for this vulnerability, but some mitigations
are available.

Cisco has released free software updates that address this
vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org

iF4EAREIAAYFAlBQmfIACgkQUddfH3/BbTqiYwD/XvyTOxUAsm5SUk6SQz2gSvJQ
MRJ/YAAaW54eH5HykGwA/j19RyMKO9JLs5Hj+E6lDsbVjl4azUf2XkBI+Zt/jS+B
=eNJC
-----END PGP SIGNATURE-----