CVE-2018-0353
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. The vulnerability is due to a change in the underlying operating system software that is responsible for monitoring affected traffic. An attacker could exploit this vulnerability by sending crafted IP packets to an affected device. A successful exploit could allow the attacker to pass traffic through the device, which the WSA was configured to deny. This vulnerability affects both IPv4 and IPv6 traffic. This vulnerability affects Cisco AsyncOS versions for WSA on both virtual and hardware appliances running any release of the 10.5.1, 10.5.2, or 11.0.0 WSA Software. The WSA is vulnerable if it is configured for L4TM. Cisco Bug IDs: CSCvg78875.
Una vulnerabilidad en las funciones de monitorización de tráfico en Cisco Web Security Appliance (WSA) podría permitir que un atacante remoto no autenticado omita la funcionalidad L4TM (Layer 4 Traffic Monitor) y omita las protecciones de seguridad. La vulnerabilidad se debe a un cambio en el software del sistema operativo subyacente responsable de monitorizar el tráfico afectado. Un atacante podría explotar esta vulnerabilidad enviando paquetes IP manipulados a un dispositivo afectado. Su explotación con éxito podría permitir que el atacante pase tráfico a través del dispositivo, que WSA debía denegar por su configuración. Esta vulnerabilidad afecta al tráfico IPv4 y IPv6. La vulnerabilidad afecta a las versiones de Cisco AsyncOS para WSA, tanto en máquinas virtuales como físicas que ejecuten cualquier distribución del software WSA en versiones 10.5.1, 10.5.2 o 11.0.0. WSA es vulnerable si está configurado para L4TM. Cisco Bug IDs: CSCvg78875.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-06-07 CVE Published
- 2023-12-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-254: 7PK - Security Features
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/104417 | Third Party Advisory | |
| http://www.securitytracker.com/id/1041081 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-wsa | 2019-10-09 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 10.5.1 Search vendor "Cisco" for product "Web Security Appliance" and version "10.5.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 10.5.1-296 Search vendor "Cisco" for product "Web Security Appliance" and version "10.5.1-296" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 10.5.2 Search vendor "Cisco" for product "Web Security Appliance" and version "10.5.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 11.0.0 Search vendor "Cisco" for product "Web Security Appliance" and version "11.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | 11.5.0-fcs-442 Search vendor "Cisco" for product "Web Security Appliance" and version "11.5.0-fcs-442" | - |
Affected
| ||||||