Strix
26.1K

CVE-2015-4321

UnknownEPSS 1.73%

Last modified

CVE-2015-4321 is a vulnerability of currently unknown severity. The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724.. EPSS estimates a 1.73% chance of exploitation in the next 30 days.

Description

The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724.

Metrics

EPSS Probability
1.73%

74.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoAdaptive Security Appliance Software9.3\(1.50\)
CiscoAdaptive Security Appliance Software9.3\(2.100\)
CiscoAdaptive Security Appliance Software9.3\(3\)
CiscoAdaptive Security Appliance Software9.4\(1\)

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2015-4321?
The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF validation via spoofed packets, aka Bug ID CSCuv60724.
How severe is CVE-2015-4321?
Severity scoring for CVE-2015-4321 is pending analysis. The EPSS model estimates a 1.73% probability of exploitation in the next 30 days.
How do I fix CVE-2015-4321?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2015-4321?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST