
Cisco VPN 3000 Concentrator IPSEC Tunnel Denial of Service Vulnerability

Cisco has reported a security vulnerability in VPN 3000 series concentrator devices. The vulnerability is related to handling of incoming LAN-to-LAN IPSEC tunnel connections. When a connection is initiated on behalf of a remote network for which the device already has a security association, the existing connection is terminated. According to Cisco, this behaviour may be exploitable as a denial of service attack.

Furthermore, affected devices do not ensure that the data transmitted across a LAN-to-LAN IPSEC tunnel is sourced from the appropriate network. The implications of this potentially separate issue are not yet known.
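The two behaviours described above can be checked for from the defender's side. The following Python sketch is an added example, not code from Cisco or from this advisory. The tunnel names, addresses and the event record layout are constructed for illustration and are not a real device log format. It assumes a security association stays live until another one replaces it, and that re-establishment from the same peer address is a routine rekey.

```python
import ipaddress

# Constructed LAN-to-LAN tunnel definitions: tunnel name -> remote network.
TUNNELS = {
    "branch-a": ipaddress.ip_network("10.10.0.0/16"),
    "branch-b": ipaddress.ip_network("10.20.0.0/16"),
}

# Constructed events (hypothetical layout): (seconds, kind, tunnel, value).
# value is the peer address for "sa_up", the inner source address for "pkt".
EVENTS = [
    (0,    "sa_up", "branch-a", "198.51.100.10"),
    (5,    "pkt",   "branch-a", "10.10.4.7"),
    (40,   "sa_up", "branch-a", "203.0.113.99"),   # live SA replaced by a new peer
    (42,   "pkt",   "branch-a", "10.20.1.1"),      # source belongs to branch-b
    (50,   "sa_up", "branch-b", "198.51.100.20"),
    (55,   "pkt",   "branch-b", "10.20.1.1"),
    (4000, "sa_up", "branch-b", "198.51.100.20"),  # same peer: treated as rekey
]


def find_sa_replacements(events):
    """Report SAs that displaced a live SA for the same remote network
    while arriving from a different peer address."""
    live = {}   # tunnel -> peer address of the current SA
    hits = []
    for ts, kind, tunnel, value in sorted(events):
        if kind != "sa_up":
            continue
        old = live.get(tunnel)
        if old is not None and old != value:
            hits.append((ts, tunnel, old, value))
        live[tunnel] = value
    return hits


def find_foreign_sources(events, tunnels=TUNNELS):
    """Report tunnelled packets whose inner source address lies outside
    the remote network configured for that tunnel."""
    hits = []
    for ts, kind, tunnel, value in sorted(events):
        if kind == "pkt" and ipaddress.ip_address(value) not in tunnels[tunnel]:
            hits.append((ts, tunnel, value))
    return hits


if __name__ == "__main__":
    print(find_sa_replacements(EVENTS))
    print(find_foreign_sources(EVENTS))
```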

Copyright 2009, SecurityFocus