Details of VAR-201805-0496

ID

VAR-201805-0496

CVE

CVE-2018-0253

TITLE

Cisco Secure Access Control System Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004901

DESCRIPTION

A vulnerability in the ACS Report component of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system. Commands executed by the attacker are processed at the targeted user's privilege level. The vulnerability is due to insufficient validation of the Action Message Format (AMF) protocol. An attacker could exploit this vulnerability by sending a crafted AMF message that contains malicious code to a targeted user. A successful exploit could allow the attacker to execute arbitrary commands on the ACS device. This vulnerability affects all releases of Cisco Secure ACS prior to Release 5.8 Patch 7. Cisco Bug IDs: CSCve69037. Vendors have confirmed this vulnerability Bug ID CSCve69037 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Failed exploits will result in denial-of-service conditions. The system can respectively control network access and network device access through RADIUS and TACACS protocols. ACS Report is one of the system report generation components

Trust: 2.07

sources: NVD: CVE-2018-0253 // JVNDB: JVNDB-2018-004901 // BID: 104075 // VULHUB: VHN-118455 // VULMON: CVE-2018-0253

AFFECTED PRODUCTS

vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.8	Trust: 1.9
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.8\(0.8\)	Trust: 1.6
vendor:	cisco	model:	secure access control system	scope:	lt	version:	5.8	Trust: 1.0
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.5.0.46	Trust: 0.9
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.9	Trust: 0.9
vendor:	cisco	model:	secure access control system software	scope:	lt	version:	5.8 patch 7	Trust: 0.8
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.7\(0.15\)	Trust: 0.6
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.340.8	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.9	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.8	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.7	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.6	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.5	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.4	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.3	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.2	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.11	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.10	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226.1	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.226	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.144	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.021	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.6	Trust: 0.3
vendor:	cisco	model:	secure access control system patch	scope:	eq	version:	5.57	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.5	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4.0.46.6	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4.0.46.5	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4.0.46.4	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4.0.46.3	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4.0.46.2	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4.0.46.1	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.4	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.6	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.7	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.6	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.5	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.4	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.3	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.2	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40.1	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3.0.40	Trust: 0.3
vendor:	cisco	model:	secure access control system patch	scope:	eq	version:	5.37	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.3	Trust: 0.3
vendor:	cisco	model:	secure access control system patch	scope:	eq	version:	5.211	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	secure access control system	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	secure access control system patch	scope:	ne	version:	5.87	Trust: 0.3

sources: BID: 104075 // JVNDB: JVNDB-2018-004901 // CNNVD: CNNVD-201805-083 // NVD: CVE-2018-0253

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0253
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-0253
value:	CRITICAL
Trust: 0.8
CNNVD:	CNNVD-201805-083
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-118455
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-0253
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0253
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-118455
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0253
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-118455 // VULMON: CVE-2018-0253 // JVNDB: JVNDB-2018-004901 // CNNVD: CNNVD-201805-083 // NVD: CVE-2018-0253

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-118455 // JVNDB: JVNDB-2018-004901 // NVD: CVE-2018-0253

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-083

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201805-083

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004901

PATCH

title:	cisco-sa-20180502-acs1	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-acs1	Trust: 0.8
title:	Cisco Secure Access Control System ACS Report Fixes for component input validation vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79819	Trust: 0.6
title:	Cisco: Cisco Secure Access Control System Remote Code Execution Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180502-acs1	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2018/05/03/cisco_patches_may_2/	Trust: 0.1

sources: VULMON: CVE-2018-0253 // JVNDB: JVNDB-2018-004901 // CNNVD: CNNVD-201805-083

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0253	Trust: 2.9
db:	BID	id:	104075	Trust: 2.1
db:	SECTRACK	id:	1040808	Trust: 1.8
db:	JVNDB	id:	JVNDB-2018-004901	Trust: 0.8
db:	CNNVD	id:	CNNVD-201805-083	Trust: 0.7
db:	VULHUB	id:	VHN-118455	Trust: 0.1
db:	VULMON	id:	CVE-2018-0253	Trust: 0.1

sources: VULHUB: VHN-118455 // VULMON: CVE-2018-0253 // BID: 104075 // JVNDB: JVNDB-2018-004901 // CNNVD: CNNVD-201805-083 // NVD: CVE-2018-0253

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-acs1	Trust: 2.2
url:	http://www.securityfocus.com/bid/104075	Trust: 1.9
url:	http://www.securitytracker.com/id/1040808	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0253	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0253	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-118455 // VULMON: CVE-2018-0253 // BID: 104075 // JVNDB: JVNDB-2018-004901 // CNNVD: CNNVD-201805-083 // NVD: CVE-2018-0253

CREDITS

Mikhail Klyuchnikov and Yury Aleynov from Positive Technologies.

Trust: 0.3

sources: BID: 104075

SOURCES

db:	VULHUB	id:	VHN-118455
db:	VULMON	id:	CVE-2018-0253
db:	BID	id:	104075
db:	JVNDB	id:	JVNDB-2018-004901
db:	CNNVD	id:	CNNVD-201805-083
db:	NVD	id:	CVE-2018-0253

LAST UPDATE DATE

2024-11-23T21:53:10.368000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118455	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-0253	date:	2019-10-09T00:00:00
db:	BID	id:	104075	date:	2018-05-02T00:00:00
db:	JVNDB	id:	JVNDB-2018-004901	date:	2018-06-29T00:00:00
db:	CNNVD	id:	CNNVD-201805-083	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0253	date:	2024-11-21T03:37:49.340

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118455	date:	2018-05-02T00:00:00
db:	VULMON	id:	CVE-2018-0253	date:	2018-05-02T00:00:00
db:	BID	id:	104075	date:	2018-05-02T00:00:00
db:	JVNDB	id:	JVNDB-2018-004901	date:	2018-06-29T00:00:00
db:	CNNVD	id:	CNNVD-201805-083	date:	2018-05-02T00:00:00
db:	NVD	id:	CVE-2018-0253	date:	2018-05-02T22:29:00.747