CVE-2018-0231
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.
Una vulnerabilidad en la biblioteca Transport Layer Security (TLS) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podría permitir que un atacante remoto no autenticado desencadene una recarga del dispositivo afectado, lo que resulta en una denegación de servicio (DoS). Esta vulnerabilidad se debe a una validación insuficiente de las entradas realizadas por el usuario. Un atacante podría explotar esta vulnerabilidad enviando un mensaje TLS malicioso a una interfaz habilitada para los servicios SSL (Secure Sockets Layer) en un dispositivo afectado. Los mensajes que empleen la versión 3 (SSLv3) o la versión 2 (SSLv2) de SSL no pueden emplearse para explotar esta vulnerabilidad. Su explotación podría permitir que el atacante provoque un subdesbordamiento de búfer, desencadenando un cierre inesperado en el dispositivo afectado. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco FTD Software que se ejecutan en los siguientes productos de Cisco: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv) y Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-04-19 CVE Published
- 2023-10-20 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-787: Out-of-bounds Write
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securitytracker.com/id/1040725 | Third Party Advisory | |
https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3 | 2023-08-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.8\(1\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.8\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 98.1\(1.154\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "98.1\(1.154\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.0 < 6.1.0.6 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.0 < 6.1.0.6" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.2.1 < 6.2.2.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.2.1" | - |
Affected
|