CVE-2018-15399
Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS.
Una vulnerabilidad en el módulo TCP syslog de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podrían permitir que un atacante remoto no autenticado agote los búfers de 1550 bytes en un dispositivo afectado, lo que resulta en una denegación de servicio (DoS). La vulnerabilidad se debe a una falta de comprobación de límites en una función interna. Un atacante podría explotar esta vulnerabilidad estableciendo una posición Man-in-the-Middle (MitM) entre un dispositivo afectado y su servidor syslog TCP configurado y, después, modificando la cabecera TCP en los segmentos que se envían desde el servidor syslog al dispositivo afectado. Su explotación con éxito podría permitir que el atacante agote el búfer del dispositivo afectado y haga que todas las funcionalidades basadas en TCP dejen de funcionar, lo que resulta en una denegación de servicio (DoS). Las funcionalidades basadas en TCP incluyen AnyConnect SSL VPN y SSL VPN sin cliente, así como las conexiones de gestión como Secure Shell (SSH), Telnet y HTTPS.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-08-17 CVE Reserved
- 2018-10-05 CVE Published
- 2024-08-12 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
- CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id/1041785 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.4\(4\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.4\(4\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.8\(2\) Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.8\(2\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.2.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.0" | - |
Affected
| ||||||