// For flags

CVE-2018-0296

Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

7
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

Act
*SSVC
Descriptions

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) podría permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie inesperadamente y provoque una denegación de servicio (DoS) como consecuencia. También es posible en ciertas versiones del software que ASA no se recargue, pero un atacante podría ver información sensible del sistema sin autenticación mediante el uso de técnicas de salto de directorio. Esta vulnerabilidad se debe a la falta de validación de entradas adecuada de la URL HTTP. Un atacante podría explotar esta vulnerabilidad enviando una petición HTTP manipulada a un dispositivo afectado. Su explotación podría permitir a un atacante provocar una denegación de servicio o la divulgación no autenticada de información. Esta vulnerabilidad aplica al tráfico HTTP IPv4 y IPv6. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

Cisco Adaptive Security Appliance suffers from a path traversal vulnerability.

Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:Act
Exploitation
Active
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2017-11-27 CVE Reserved
  • 2018-06-07 CVE Published
  • 2018-06-26 First Exploit
  • 2021-11-03 Exploited in Wild
  • 2022-05-03 KEV Due Date
  • 2024-10-22 EPSS Updated
  • 2024-11-13 CVE Updated
CWE
  • CWE-20: Improper Input Validation
  • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.1 < 9.1.7.29
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.1 < 9.1.7.29"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.2 < 9.2.4.33
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.2 < 9.2.4.33"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.3 < 9.4.4.18
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.3 < 9.4.4.18"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.5 < 9.6.4.8
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.5 < 9.6.4.8"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.8 < 9.8.2.28
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.8 < 9.8.2.28"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.9 < 9.9.2.1
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.9 < 9.9.2.1"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
8.1\(2.5\)
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "8.1\(2.5\)"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
>= 9.7 < 9.7.1.24
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.7 < 9.7.1.24"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
>= 6.0 < 6.1.0
Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.0 < 6.1.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
>= 6.2.1 < 6.2.2.3
Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.2.3"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
6.2.3
Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.3"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
6.2.3-85.02
Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.3-85.02"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
6.2.3-851
Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.3-851"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
6.2.3.1
Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.3.1"
-
Affected