CVE-2018-15397: Cisco Security Advisory: Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

At the time of publication, this vulnerability affected the following Cisco products:

• Adaptive Security Appliance (ASA) Software Releases 9.6.4, 9.8.2, and 9.9.1, prior to the first fixed release
• Firepower Threat Defense (FTD) Software Release 6.2.2

For the latest and most detailed information about affected software releases, consult the Cisco bug ID(s) at the top of this advisory.

Determine the Cisco ASA Software Release

To determine which Cisco ASA Software release is running on a device, administrators can log in to the device, use the show version command in the CLI, and refer to the output of the command. The following example shows the output of the command for a device that is running Cisco ASA Software Release 9.4(4):

ciscoasa# show version | include Version

Cisco Adaptive Security Appliance Software Version 9.4(4) Device Manager Version 7.4(1) . . .

If a device is managed by using Cisco Adaptive Security Device Manager (ASDM), administrators can also determine which release is running on a device by referring to the release information in the table that appears in the Cisco ASDM log in window or the Device Dashboard tab of the Cisco ASDM Home pane.

Determine the Cisco FTD Software Release

To determine which Cisco FTD Software release is running on a device, administrators can log in to the device, use the show version command in the CLI, and refer to the output of the command. The following example shows the output of the command for a device that is running Cisco FTD Software Release 6.2.0:

> show version

---------------------[ ftd ]--------------------- Model : Cisco ASA5525-X Threat Defense (75) Version 6.2.0 (Build 362) UUID : 2849ba3c-ecb8-11e6-98ca-b9fc2975893c Rules update version : 2017-03-15-001-vrt VDB version : 279

---

Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.