Critical Cisco ASA IKEv1/v2 Vulnerability. Active Scanning Detected, (Wed, Feb 10th)
Cisco released an advisory revealing a critical vulnerability in Ciscos ASA software. Devices are vulnerable if they are configured to terminate IKEv1 or IKEv2 VPN sessions. (CVE-2016-1287)
[Update] Also see this writeup with LOTS of details”> crypto map | include interface
A product is vulnerable if a crypto map is returned.
There is no workaround, but Cisco has released patched firmware for affected devices.
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
The original article/video can be found at Critical Cisco ASA IKEv1/v2 Vulnerability. Active Scanning Detected, (Wed, Feb 10th)