// For flags

CVE-2018-0385

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input handling of the SSL traffic. An attacker could exploit this vulnerability by sending a crafted SSL traffic to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Cisco Bug IDs: CSCvi36434.

Una vulnerabilidad en el análisis del motor de detección del protocolo Secure Sockets Layer (SSL) de Cisco Firepower System Software podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS) debido a que el proceso Snort se reinicia inesperadamente. La vulnerabilidad se debe a la gestión indebida del tráfico SSL. Un atacante podría explotar esta vulnerabilidad enviando tráfico SSL manipulado al motor de detección del dispositivo objetivo. Su explotación podría permitir que el atacante provoque una condición DoS si el proceso Snort se reinicia y se omite la inspección de tráfico o se deja el tráfico. Cisco Bug IDs: CSCvi36434.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-11-27 CVE Reserved
  • 2018-07-16 CVE Published
  • 2024-05-25 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-399: Resource Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
5.4.0
Search vendor "Cisco" for product "Firepower Management Center" and version "5.4.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.0.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.0.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.1.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.1.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.0"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.2
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.2"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.2.3
Search vendor "Cisco" for product "Firepower Management Center" and version "6.2.3"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Management Center
Search vendor "Cisco" for product "Firepower Management Center"
6.3.0
Search vendor "Cisco" for product "Firepower Management Center" and version "6.3.0"
-
Affected