CVE-2018-15398

Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability

Severity Score

4.0

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL.

Una vulnerabilidad en la característica per-user-override de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podría permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) que está configurada para una interfaz de un dispositivo afectado. La vulnerabilidad se debe a errores que podrían ocurrir cuando el software afectado construye y aplica reglas per-user-override. Un atacante podría explotar esta vulnerabilidad conectándose a una red mediante un dispositivo afectado con una configuración vulnerable. Su explotación con éxito podría permitir que el atacante acceda a recursos tras el dispositivo afectado y que normalmente estarían protegidos por el ACL de la interfaz.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2018-08-17 CVE Reserved
2018-10-05 CVE Published
2024-07-18 EPSS Updated
2024-09-17 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-284: Improper Access Control

CAPEC

References (3)

URL	Tag	Source
http://www.securityfocus.com/bid/105517	Third Party Advisory
http://www.securitytracker.com/id/1041788	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass	2023-08-11

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software"				9.6\(4.3\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.6\(4.3\)"		-		Affected
Cisco Search vendor "Cisco"		Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software"				9.4\(2\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.4\(2\)"		-		Affected
Cisco Search vendor "Cisco"		Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software"				9.4\(4\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.4\(4\)"		-		Affected
Cisco Search vendor "Cisco"		Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense"				6.2.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.0"		-		Affected