CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-15398 – Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2018-15398
A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL. Una vulnerabilidad en la característica per-user-override de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podría permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) que está configurada para una interfaz de un dispositivo afectado. • http://www.securityfocus.com/bid/105517 http://www.securitytracker.com/id/1041788 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-15399 – Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15399
A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS. • http://www.securitytracker.com/id/1041785 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 97%CPEs: 14EXPL: 7CVE-2018-0296 – Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0296
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. • https://www.exploit-db.com/exploits/47220 https://www.exploit-db.com/exploits/44956 https://github.com/yassineaboukir/CVE-2018-0296 https://github.com/milo2012/CVE-2018-0296 https://github.com/bhenner1/CVE-2018-0296 https://github.com/qiantu88/CVE-2018-0296 http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html http://www.securityfocus.com/bid/104612 http://www.securitytracker.com/id/1041076 https://ics-cert.us-cert.gov/advisories/ICSA- • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0CVE-2018-0242
https://notcve.org/view.php?id=CVE-2018-0242
A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvg33985. • http://www.securityfocus.com/bid/103932 http://www.securitytracker.com/id/1040713 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asawvpn • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2018-0227
https://notcve.org/view.php?id=CVE-2018-0227
A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. • http://www.securityfocus.com/bid/104018 http://www.securitytracker.com/id/1040723 https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1 • CWE-295: Improper Certificate Validation •