CVE-2018-0385
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input handling of the SSL traffic. An attacker could exploit this vulnerability by sending a crafted SSL traffic to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Cisco Bug IDs: CSCvi36434.
Una vulnerabilidad en el análisis del motor de detección del protocolo Secure Sockets Layer (SSL) de Cisco Firepower System Software podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) debido a que el proceso Snort se reinicia inesperadamente. La vulnerabilidad se debe a la gestión indebida del tráfico SSL. Un atacante podría explotar esta vulnerabilidad enviando tráfico SSL manipulado al motor de detección del dispositivo objetivo. Su explotación podría permitir que el atacante provoque una condición DoS si el proceso Snort se reinicia y se omite la inspección de tráfico o se deja el tráfico. Cisco Bug IDs: CSCvi36434.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-07-16 CVE Published
- 2024-05-25 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-399: Resource Management Errors
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/104727 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 5.4.0 Search vendor "Cisco" for product "Firepower Management Center" and version "5.4.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.0.0 Search vendor "Cisco" for product "Firepower Management Center" and version "6.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.1.0 Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.0 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.2 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.2.3 Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Management Center Search vendor "Cisco" for product "Firepower Management Center" | 6.3.0 Search vendor "Cisco" for product "Firepower Management Center" and version "6.3.0" | - |
Affected
| ||||||