A security issue has been reported in Cisco Adaptive Security Appliance (ASA), which can be exploited by malicious people to manipulate certain data.
The security issue is caused due to a race condition error when processing a TFTP request for configuring the phone proxy connection database (sec_db). This can be exploited e.g. to manipulate certain configuration data.
Successful exploitation require the phone proxy feature to be configured.
The security issue is reported in version 9.1(3). Other versions may also be affected.
Solution: No official solution is currently available.
Provided and/or discovered by: Reported by the vendor.
Original Advisory: Cisco (CSCuj66766):
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org