Sign-up

ID

VAR-201804-0998


CVE

CVE-2018-0244


TITLE

Cisco Firepower System Vulnerability related to failure of protection mechanism in software

Trust: 0.8

sources: JVNDB: JVNDB-2018-004413

DESCRIPTION

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. The vulnerability is due to how the SMB protocol handles a case in which a large file transfer fails. This case occurs when some pieces of the file are successfully transferred to the remote endpoint, but ultimately the file transfer fails and is reset. An attacker could exploit this vulnerability by sending a crafted SMB file transfer request through the targeted device. An exploit could allow the attacker to pass an SMB file that contains malware, which the device is configured to block. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvc20141. Vendors have confirmed this vulnerability Bug ID CSCvc20141 It is released as.Information may be tampered with. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. The detection engine is one of the intrusion detection engines

Trust: 1.98

sources: NVD: CVE-2018-0244 // JVNDB: JVNDB-2018-004413 // BID: 103945 // VULHUB: VHN-118446

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope:ltversion:6.2.3

Trust: 0.8

vendor:ciscomodel:firepower threat defensescope:eqversion:6.0.0

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:5.4.0

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:5.3.0

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.0.1

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.1.0

Trust: 0.6

vendor:ciscomodel:firepower system softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:neversion:6.2.3

Trust: 0.3

sources: BID: 103945 // JVNDB: JVNDB-2018-004413 // CNNVD: CNNVD-201804-1098 // NVD: CVE-2018-0244

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0244
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0244
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201804-1098
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118446
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0244
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118446
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0244
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-118446 // JVNDB: JVNDB-2018-004413 // CNNVD: CNNVD-201804-1098 // NVD: CVE-2018-0244

PROBLEMTYPE DATA

problemtype:CWE-693

Trust: 1.9

sources: VULHUB: VHN-118446 // JVNDB: JVNDB-2018-004413 // NVD: CVE-2018-0244

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-1098

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201804-1098

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-004413

PATCH
title:cisco-sa-20180418-fss1url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1
Trust: 0.8
title:Cisco Firepower System Software detection Repair measures for engine security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81393
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-004413 // 
            
            
            
            CNNVD: CNNVD-201804-1098

EXTERNAL IDS
db:NVDid:CVE-2018-0244
Trust: 2.8
db:BIDid:103945
Trust: 2.0
db:JVNDBid:JVNDB-2018-004413
Trust: 0.8
db:CNNVDid:CNNVD-201804-1098
Trust: 0.6
db:VULHUBid:VHN-118446
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118446 // 
            
            
            
            BID: 103945 // 
            
            
            
            JVNDB: JVNDB-2018-004413 // 
            
            
            
            CNNVD: CNNVD-201804-1098 // 
            
            
            
            NVD: CVE-2018-0244

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180418-fss1
Trust: 2.0
url:http://www.securityfocus.com/bid/103945
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0244
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0244
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-118446 // 
            
            
            
            BID: 103945 // 
            
            
            
            JVNDB: JVNDB-2018-004413 // 
            
            
            
            CNNVD: CNNVD-201804-1098 // 
            
            
            
            NVD: CVE-2018-0244

CREDITS
Cisco.
Trust: 0.3
sources:
            
            
            BID: 103945

SOURCES
db:VULHUBid:VHN-118446
db:BIDid:103945
db:JVNDBid:JVNDB-2018-004413
db:CNNVDid:CNNVD-201804-1098
db:NVDid:CVE-2018-0244

LAST UPDATE DATE
2024-11-23T22:55:54.370000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118446date:2019-10-09T00:00:00
db:BIDid:103945date:2018-04-18T00:00:00
db:JVNDBid:JVNDB-2018-004413date:2018-06-19T00:00:00
db:CNNVDid:CNNVD-201804-1098date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0244date:2024-11-21T03:37:48.303

SOURCES RELEASE DATE
db:VULHUBid:VHN-118446date:2018-04-19T00:00:00
db:BIDid:103945date:2018-04-18T00:00:00
db:JVNDBid:JVNDB-2018-004413date:2018-06-19T00:00:00
db:CNNVDid:CNNVD-201804-1098date:2018-04-19T00:00:00
db:NVDid:CVE-2018-0244date:2018-04-19T20:29:01.020