// For flags

CVE-2018-15399

Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

Severity Score

6.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS.

Una vulnerabilidad en el módulo TCP syslog de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podrían permitir que un atacante remoto no autenticado agote los búfers de 1550 bytes en un dispositivo afectado, lo que resulta en una denegación de servicio (DoS). La vulnerabilidad se debe a una falta de comprobación de límites en una función interna. Un atacante podría explotar esta vulnerabilidad estableciendo una posición Man-in-the-Middle (MitM) entre un dispositivo afectado y su servidor syslog TCP configurado y, después, modificando la cabecera TCP en los segmentos que se envían desde el servidor syslog al dispositivo afectado. Su explotación con éxito podría permitir que el atacante agote el búfer del dispositivo afectado y haga que todas las funcionalidades basadas en TCP dejen de funcionar, lo que resulta en una denegación de servicio (DoS). Las funcionalidades basadas en TCP incluyen AnyConnect SSL VPN y SSL VPN sin cliente, así como las conexiones de gestión como Secure Shell (SSH), Telnet y HTTPS.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-08-17 CVE Reserved
  • 2018-10-05 CVE Published
  • 2024-08-12 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-400: Uncontrolled Resource Consumption
  • CWE-770: Allocation of Resources Without Limits or Throttling
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
9.4\(4\)
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.4\(4\)"
-
Affected
Cisco
Search vendor "Cisco"
Adaptive Security Appliance Software
Search vendor "Cisco" for product "Adaptive Security Appliance Software"
9.8\(2\)
Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.8\(2\)"
-
Affected
Cisco
Search vendor "Cisco"
Firepower Threat Defense
Search vendor "Cisco" for product "Firepower Threat Defense"
6.2.0
Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.2.0"
-
Affected