ASA-201711-31 - log back

ASA-201711-31 created at 25 Sep 2019 19:32:14
Workaround
+ It is possible to work around CVE-2017-15093 by disabling the ability
+ to alter the configuration via the API by setting 'api-config-dir' to
+ an empty value (default), or by marking the API read-only via the 'api-
+ readonly' setting.
Impact
+ A remote, unauthenticated attacker can inject Javascript code into the web interface, or can cause a denial of service via crafted DNSSEC signatures. An attacker in position of man-in-the-middle can also bypass DNSSEC validation via a crafted signature. In addition to that, a remote authenticated attacker with access to the API can inject unexpected directives into the configuration file.