CVE-2018-0240

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 19-04-2018 10:29

Last modified: - 31-05-2022 05:43

Total changes: - 2

Description

Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

None

Privileges required

Changed

Scope

None

User interaction

8.6

Base score

3.9

4.0

Exploitability score

Impact score

Verification logic

AND

vendor=cisco AND product=firepower_threat_defense AND versionStartIncluding=6.2.0 AND versionEndExcluding=6.2.0.5

vendor=cisco AND product=firepower_threat_defense AND versionStartIncluding=6.2.1 AND versionEndExcluding=6.2.2.2

vendor=cisco AND product=adaptive_security_appliance_software AND versionStartIncluding=9.6.0.0 AND versionEndExcluding=9.6.4.6

vendor=cisco AND product=adaptive_security_appliance_software AND versionStartIncluding=9.7.0.0 AND versionEndExcluding=9.7.1.24

vendor=cisco AND product=adaptive_security_appliance_software AND versionStartIncluding=9.8.0.0 AND versionEndExcluding=9.8.2.24

vendor=cisco AND product=adaptive_security_appliance_software AND versionStartIncluding=9.9.0.0 AND versionEndExcluding=9.9.1.4

vendor=cisco AND product=firepower_threat_defense AND versionEndIncluding=6.1.0.7 AND versionStartIncluding=6.1.0

vendor=cisco AND product=catalyst_6509-e AND version=-

vendor=cisco AND product=catalyst_6506-e AND version=-

vendor=cisco AND product=catalyst_6503-e AND version=-

vendor=cisco AND product=catalyst_6513-e AND version=-

vendor=cisco AND product=catalyst_6509-v-e AND version=-

vendor=cisco AND product=catalyst_6509-neb-a AND version=-

vendor=cisco AND product=catalyst_6513 AND version=-

vendor=cisco AND product=catalyst_6504-e AND version=-

vendor=cisco AND product=firepower_9300 AND version=-

vendor=cisco AND product=asa_5506w-x AND version=-

vendor=cisco AND product=asa-5505 AND version=-

vendor=cisco AND product=asa_5510 AND version=-

vendor=cisco AND product=asa-5520 AND version=-

vendor=cisco AND product=asa-5540 AND version=-

vendor=cisco AND product=asa_5550 AND version=-

vendor=cisco AND product=asa_5580 AND version=-

vendor=cisco AND product=isa-3000-2c2f AND version=-

vendor=cisco AND product=isa-3000-4c AND version=-

vendor=cisco AND product=asa-5506-x AND version=-

vendor=cisco AND product=asa-5506h-x AND version=-

vendor=cisco AND product=asa-5512-x AND version=-

vendor=cisco AND product=asa-5515-x AND version=-

vendor=cisco AND product=asa-5545-x AND version=-

vendor=cisco AND product=asa-5555-x AND version=-

vendor=cisco AND product=asa-5585-x AND version=-

vendor=cisco AND product=asa_5506-x AND version=-

vendor=cisco AND product=asa_5508-x AND version=-

vendor=cisco AND product=asa_5516-x AND version=-

vendor=cisco AND product=asa_5525-x AND version=-

vendor=cisco AND product=asa_5555-x AND version=-

vendor=cisco AND product=adaptive_security_virtual_appliance AND version=-

vendor=cisco AND product=7604 AND version=-

vendor=cisco AND product=7606-s AND version=-

vendor=cisco AND product=7609-s AND version=-

vendor=cisco AND product=7613-s AND version=-

vendor=cisco AND product=catalyst_6500-e AND version=-

vendor=cisco AND product=firepower_threat_defense_virtual AND version=-

vendor=cisco AND product=firepower_2110 AND version=-

vendor=cisco AND product=firepower_2120 AND version=-

vendor=cisco AND product=firepower_2130 AND version=-

vendor=cisco AND product=firepower_2140 AND version=-

vendor=cisco AND product=firepower_4110 AND version=-

vendor=cisco AND product=firepower_4120 AND version=-

vendor=cisco AND product=firepower_4140 AND version=-

vendor=cisco AND product=firepower_4150 AND version=-

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect
1040722-Broken Link, Third Party Advisory, VDB Entry
103934-Third Party Advisory, VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01

Keywords

CVE-2018-0240

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2018-0240

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures