Sign-up

ID

VAR-201804-1013


CVE

CVE-2018-0231


TITLE

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004346

DESCRIPTION

A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446. Vendors have confirmed this vulnerability Bug ID CSCve18902 , CSCve34335 and CSCve38446 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoAdaptiveSecurityVirtualAppliance and so on are all security devices from Cisco. AdaptiveSecurityAppliance (ASA) Software and FirepowerThreatDefense (FTD) Software are operating systems that run on different security devices. TransportLayerSecurity (TLS) is one of the transport layer security protocol libraries. The TLS inventory in ASASoftware and FTDSoftware in several Cisco products is entering a validation vulnerability that stems from the program failing to adequately verify the user-submitted input

Trust: 2.34

sources: NVD: CVE-2018-0231 // JVNDB: JVNDB-2018-004346 // CNVD: CNVD-2018-09396 // VULHUB: VHN-118433 // VULMON: CVE-2018-0231

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-09396

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8\(1\)

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:98.1\(1.154\)

Trust: 1.6

vendor:ciscomodel:firepower threat defensescope:ltversion:6.1.0.6

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:adaptive security virtual appliancescope: - version: -

Trust: 0.6

vendor:ciscomodel:firepower series security appliancescope:eqversion:2100

Trust: 0.6

vendor:ciscomodel:firepower threat defense virtualscope: - version: -

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.0.0

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.0.1

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.1.0

Trust: 0.6

sources: CNVD: CNVD-2018-09396 // JVNDB: JVNDB-2018-004346 // CNNVD: CNNVD-201804-1107 // NVD: CVE-2018-0231

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0231
value: HIGH

Trust: 1.0

NVD: CVE-2018-0231
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-09396
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201804-1107
value: HIGH

Trust: 0.6

VULHUB: VHN-118433
value: HIGH

Trust: 0.1

VULMON: CVE-2018-0231
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0231
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-09396
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118433
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0231
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-09396 // VULHUB: VHN-118433 // VULMON: CVE-2018-0231 // JVNDB: JVNDB-2018-004346 // CNNVD: CNNVD-201804-1107 // NVD: CVE-2018-0231

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-787

Trust: 1.1

sources: VULHUB: VHN-118433 // JVNDB: JVNDB-2018-004346 // NVD: CVE-2018-0231

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-1107

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201804-1107

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-004346

PATCH
title:cisco-sa-20180418-asa3url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3
Trust: 0.8
title:CiscoAdaptiveSecurityApplianceSoftware and FirepowerThreatDefenseSoftwareTransportLayerSecurity libraries to enter patches for validation vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/128715
Trust: 0.6
title:Cisco Adaptive Security Appliance Software  and Firepower Threat Defense Software Transport Layer Security Fixes for library input validation vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81402
Trust: 0.6
title:Cisco: Cisco Adaptive Security Appliance TLS Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180418-asa3
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-09396 // 
            
            
            
            VULMON: CVE-2018-0231 // 
            
            
            
            JVNDB: JVNDB-2018-004346 // 
            
            
            
            CNNVD: CNNVD-201804-1107

EXTERNAL IDS
db:NVDid:CVE-2018-0231
Trust: 3.2
db:ICS CERTid:ICSA-18-184-01
Trust: 2.6
db:SECTRACKid:1040725
Trust: 1.8
db:JVNDBid:JVNDB-2018-004346
Trust: 0.8
db:CNVDid:CNVD-2018-09396
Trust: 0.6
db:CNNVDid:CNNVD-201804-1107
Trust: 0.6
db:VULHUBid:VHN-118433
Trust: 0.1
db:VULMONid:CVE-2018-0231
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-09396 // 
            
            
            
            VULHUB: VHN-118433 // 
            
            
            
            VULMON: CVE-2018-0231 // 
            
            
            
            JVNDB: JVNDB-2018-004346 // 
            
            
            
            CNNVD: CNNVD-201804-1107 // 
            
            
            
            NVD: CVE-2018-0231

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180418-asa3
Trust: 2.5
url:https://ics-cert.us-cert.gov/advisories/icsa-18-184-01
Trust: 1.9
url:http://www.securitytracker.com/id/1040725
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0231
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-18-184-01
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0231
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/787.html
Trust: 0.1
url:https://www.rapid7.com/db/vulnerabilities/cisco-asa-cve-2018-0231
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-09396 // 
            
            
            
            VULHUB: VHN-118433 // 
            
            
            
            VULMON: CVE-2018-0231 // 
            
            
            
            JVNDB: JVNDB-2018-004346 // 
            
            
            
            CNNVD: CNNVD-201804-1107 // 
            
            
            
            NVD: CVE-2018-0231

SOURCES
db:CNVDid:CNVD-2018-09396
db:VULHUBid:VHN-118433
db:VULMONid:CVE-2018-0231
db:JVNDBid:JVNDB-2018-004346
db:CNNVDid:CNNVD-201804-1107
db:NVDid:CVE-2018-0231

LAST UPDATE DATE
2024-11-23T22:22:06.869000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-09396date:2018-05-14T00:00:00
db:VULHUBid:VHN-118433date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-0231date:2019-10-09T00:00:00
db:JVNDBid:JVNDB-2018-004346date:2019-07-10T00:00:00
db:CNNVDid:CNNVD-201804-1107date:2022-03-21T00:00:00
db:NVDid:CVE-2018-0231date:2024-11-21T03:37:47.010

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-09396date:2018-05-14T00:00:00
db:VULHUBid:VHN-118433date:2018-04-19T00:00:00
db:VULMONid:CVE-2018-0231date:2018-04-19T00:00:00
db:JVNDBid:JVNDB-2018-004346date:2018-06-18T00:00:00
db:CNNVDid:CNNVD-201804-1107date:2018-04-19T00:00:00
db:NVDid:CVE-2018-0231date:2018-04-19T20:29:00.533