CVSS: 10.0EPSS: 93%CPEs: 13EXPL: 3CVE-2018-0101 – Cisco ASA - Crash (PoC)
https://notcve.org/view.php?id=CVE-2018-0101
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). • https://www.exploit-db.com/exploits/43986 https://github.com/1337g/CVE-2018-0101-DOS-POC http://www.securityfocus.com/bid/102845 http://www.securitytracker.com/id/1040292 https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618 https://pastebin.com/YrBcG2Ln https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 • CWE-415: Double Free •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6765
https://notcve.org/view.php?id=CVE-2017-6765
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) 9.1(6.11) and 9.4(1.2) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka WebVPN XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve19179. • http://www.securityfocus.com/bid/100150 http://www.securitytracker.com/id/1039056 https://quickview.cloudapps.cisco.com/quickview/bug/CSCve19179 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.2EPSS: 0%CPEs: 3788EXPL: 0CVE-2017-6770
https://notcve.org/view.php?id=CVE-2017-6770
Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX-OS 4.0 through 12.0, and IOS XE 3.6 through 3.18 are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic. The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. • http://www.securityfocus.com/bid/100005 http://www.securitytracker.com/id/1039005 http://www.securitytracker.com/id/1039006 http://www.securitytracker.com/id/1039007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf • CWE-20: Improper Input Validation •
CVSS: 7.7EPSS: 0%CPEs: 97EXPL: 0CVE-2017-6610
https://notcve.org/view.php?id=CVE-2017-6610
A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. The vulnerability is due to insufficient validation of the IKEv1 XAUTH parameters passed during an IKEv1 negotiation. An attacker could exploit this vulnerability by sending crafted parameters. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability only affects systems configured in routed firewall mode and in single or multiple context mode. • http://www.securityfocus.com/bid/97934 http://www.securitytracker.com/id/1038314 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-xauth • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 71EXPL: 0CVE-2017-6608
https://notcve.org/view.php?id=CVE-2017-6608
A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to improper parsing of crafted SSL or TLS packets. An attacker could exploit this vulnerability by sending a crafted packet to the affected system. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode. • http://www.securityfocus.com/bid/97937 http://www.securitytracker.com/id/1038315 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170419-asa-tls • CWE-399: Resource Management Errors •