Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-0240

Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.

Published

2018-04-19T20:29:00.817

Last Modified

2024-11-21T03:37:47.810

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

6.9

Weaknesses

Type: Secondary
CWE-399
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	firepower_threat_defense	≤ 6.1.0.7	Yes
Application	cisco	firepower_threat_defense	< 6.2.0.5	Yes
Application	cisco	firepower_threat_defense	< 6.2.2.2	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.6.4.6	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.7.1.24	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.8.2.24	Yes
Operating System	cisco	adaptive_security_appliance_software	< 9.9.1.4	Yes
Application	cisco	adaptive_security_virtual_appliance	-	No
Application	cisco	firepower_threat_defense_virtual	-	No
Hardware	cisco	7604	-	No
Hardware	cisco	7606-s	-	No
Hardware	cisco	7609-s	-	No
Hardware	cisco	7613-s	-	No
Hardware	cisco	asa-5505	-	No
Hardware	cisco	asa-5506-x	-	No
Hardware	cisco	asa-5506h-x	-	No
Hardware	cisco	asa-5512-x	-	No
Hardware	cisco	asa-5515-x	-	No
Hardware	cisco	asa-5520	-	No
Hardware	cisco	asa-5540	-	No
Hardware	cisco	asa-5545-x	-	No
Hardware	cisco	asa-5555-x	-	No
Hardware	cisco	asa-5585-x	-	No
Hardware	cisco	asa_5506-x	-	No
Hardware	cisco	asa_5506w-x	-	No
Hardware	cisco	asa_5508-x	-	No
Hardware	cisco	asa_5510	-	No
Hardware	cisco	asa_5516-x	-	No
Hardware	cisco	asa_5525-x	-	No
Hardware	cisco	asa_5550	-	No
Hardware	cisco	asa_5555-x	-	No
Hardware	cisco	asa_5580	-	No
Hardware	cisco	catalyst_6500-e	-	No
Hardware	cisco	catalyst_6503-e	-	No
Hardware	cisco	catalyst_6504-e	-	No
Hardware	cisco	catalyst_6506-e	-	No
Hardware	cisco	catalyst_6509-e	-	No
Hardware	cisco	catalyst_6509-neb-a	-	No
Hardware	cisco	catalyst_6509-v-e	-	No
Hardware	cisco	catalyst_6513	-	No
Hardware	cisco	catalyst_6513-e	-	No
Hardware	cisco	firepower_2110	-	No
Hardware	cisco	firepower_2120	-	No
Hardware	cisco	firepower_2130	-	No
Hardware	cisco	firepower_2140	-	No
Hardware	cisco	firepower_4110	-	No
Hardware	cisco	firepower_4120	-	No
Hardware	cisco	firepower_4140	-	No
Hardware	cisco	firepower_4150	-	No
Hardware	cisco	firepower_9300	-	No
Hardware	cisco	isa-3000-2c2f	-	No
Hardware	cisco	isa-3000-4c	-	No

References

http://www.securityfocus.com/bid/103934 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1040722 Broken Link, Third Party Advisory, VDB Entry ([email protected])
https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 Third Party Advisory, US Government Resource ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/103934 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1040722 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)