Details of VAR-201803-1402

ID

VAR-201803-1402

CVE

CVE-2018-0087

TITLE

Cisco Web Security Appliance Vulnerabilities related to security functions

Trust: 0.8

sources: JVNDB: JVNDB-2018-002690

DESCRIPTION

A vulnerability in the FTP server of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to log in to the FTP server of the device without a valid password. The attacker does need to have a valid username. The vulnerability is due to incorrect FTP user credential validation. An attacker could exploit this vulnerability by using FTP to connect to the management IP address of the targeted device. A successful exploit could allow the attacker to log in to the FTP server of the Cisco WSA without having a valid password. This vulnerability affects Cisco AsyncOS for WSA Software on both virtual and hardware appliances that are running any release of Cisco AsyncOS 10.5.1 for WSA Software. The device is vulnerable only if FTP is enabled on the management interface. FTP is disabled by default. Cisco Bug IDs: CSCvf74281. Vendors have confirmed this vulnerability Bug ID CSCvf74281 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco WebSecurity Appliance (WSA) is designed to help organizations address the growing challenges of protecting and controlling network traffic, making it easier and faster to deploy while reducing maintenance requirements, latency, and operational costs. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation. AsyncOS is an operating system that runs on it. FTP server is one of the FTP servers

Trust: 2.52

sources: NVD: CVE-2018-0087 // JVNDB: JVNDB-2018-002690 // CNVD: CNVD-2018-06716 // BID: 103407 // VULHUB: VHN-118289

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-06716

AFFECTED PRODUCTS

vendor:	cisco	model:	asyncos	scope:	eq	version:	10.5.1-296	Trust: 1.9
vendor:	cisco	model:	asyncos	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.5.1	Trust: 0.6
vendor:	cisco	model:	web security appliance	scope:	eq	version:	10.5.1-296	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	eq	version:	10.5.1	Trust: 0.3
vendor:	cisco	model:	web security appliance	scope:	ne	version:	10.5.2-034	Trust: 0.3
vendor:	cisco	model:	asyncos	scope:	ne	version:	10.5.2-042	Trust: 0.3

sources: CNVD: CNVD-2018-06716 // BID: 103407 // JVNDB: JVNDB-2018-002690 // CNNVD: CNNVD-201803-264 // NVD: CVE-2018-0087

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0087
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-0087
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-06716
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201803-264
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-118289
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0087
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-06716
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118289
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0087
baseSeverity:	MEDIUM
baseScore:	5.6
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.2
impactScore:	3.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-06716 // VULHUB: VHN-118289 // JVNDB: JVNDB-2018-002690 // CNNVD: CNNVD-201803-264 // NVD: CVE-2018-0087

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.9
problemtype:	CWE-254	Trust: 0.9

sources: VULHUB: VHN-118289 // JVNDB: JVNDB-2018-002690 // NVD: CVE-2018-0087

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-264

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201803-264

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002690

PATCH

title:	cisco-sa-20180307-wsa	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-wsa	Trust: 0.8
title:	CiscoWebSecurityApplianceFTP authentication bypasses the patch for the vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/124331	Trust: 0.6
title:	Cisco Web Security Appliance FTP Server security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78997	Trust: 0.6

sources: CNVD: CNVD-2018-06716 // JVNDB: JVNDB-2018-002690 // CNNVD: CNNVD-201803-264

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0087	Trust: 3.4
db:	BID	id:	103407	Trust: 2.0
db:	SECTRACK	id:	1040464	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-002690	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-264	Trust: 0.7
db:	CNVD	id:	CNVD-2018-06716	Trust: 0.6
db:	VULHUB	id:	VHN-118289	Trust: 0.1

sources: CNVD: CNVD-2018-06716 // VULHUB: VHN-118289 // BID: 103407 // JVNDB: JVNDB-2018-002690 // CNNVD: CNNVD-201803-264 // NVD: CVE-2018-0087

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180307-wsa	Trust: 2.6
url:	http://www.securityfocus.com/bid/103407	Trust: 1.7
url:	http://www.securitytracker.com/id/1040464	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0087	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0087	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-06716 // VULHUB: VHN-118289 // BID: 103407 // JVNDB: JVNDB-2018-002690 // CNNVD: CNNVD-201803-264 // NVD: CVE-2018-0087

CREDITS

Cisco

Trust: 0.3

sources: BID: 103407

SOURCES

db:	CNVD	id:	CNVD-2018-06716
db:	VULHUB	id:	VHN-118289
db:	BID	id:	103407
db:	JVNDB	id:	JVNDB-2018-002690
db:	CNNVD	id:	CNNVD-201803-264
db:	NVD	id:	CVE-2018-0087

LAST UPDATE DATE

2024-11-23T22:52:11.530000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-06716	date:	2018-03-29T00:00:00
db:	VULHUB	id:	VHN-118289	date:	2019-10-09T00:00:00
db:	BID	id:	103407	date:	2018-03-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-002690	date:	2018-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201803-264	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0087	date:	2024-11-21T03:37:29.773

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-06716	date:	2018-03-29T00:00:00
db:	VULHUB	id:	VHN-118289	date:	2018-03-08T00:00:00
db:	BID	id:	103407	date:	2018-03-07T00:00:00
db:	JVNDB	id:	JVNDB-2018-002690	date:	2018-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201803-264	date:	2018-03-09T00:00:00
db:	NVD	id:	CVE-2018-0087	date:	2018-03-08T07:29:00.223