Sign-up

ID

VAR-201805-0525


CVE

CVE-2018-0290


TITLE

Cisco SocialMiner Resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-005162

DESCRIPTION

A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. The vulnerability is due to faulty handling of new TCP connections to the affected application. An attacker could exploit this vulnerability by sending a malicious TCP packet to the vulnerable service. An exploit could allow the attacker to create a DoS condition by interrupting certain phone services. A manual restart of the service may be required to restore full functionalities. Cisco Bug IDs: CSCvh48368. Cisco SocialMiner Contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvh48368 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco SocialMiner is a set of social media call center solutions from Cisco. The solution supports social media monitoring and analysis capabilities

Trust: 1.98

sources: NVD: CVE-2018-0290 // JVNDB: JVNDB-2018-005162 // BID: 104201 // VULHUB: VHN-118492

AFFECTED PRODUCTS

vendor:ciscomodel:socialminerscope:eqversion:11.6\(1\)

Trust: 1.6

vendor:ciscomodel:socialminerscope: - version: -

Trust: 0.8

vendor:ciscomodel:socialminerscope:eqversion:11.6(1)

Trust: 0.3

sources: BID: 104201 // JVNDB: JVNDB-2018-005162 // CNNVD: CNNVD-201805-626 // NVD: CVE-2018-0290

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0290
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0290
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201805-626
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118492
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0290
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118492
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0290
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-118492 // JVNDB: JVNDB-2018-005162 // CNNVD: CNNVD-201805-626 // NVD: CVE-2018-0290

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-118492 // JVNDB: JVNDB-2018-005162 // NVD: CVE-2018-0290

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-626

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201805-626

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-005162

PATCH
title:cisco-sa-20180516-socmin-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-socmin-dos\
Trust: 0.8
title:Cisco SocialMiner Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=83551
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-005162 // 
            
            
            
            CNNVD: CNNVD-201805-626

EXTERNAL IDS
db:NVDid:CVE-2018-0290
Trust: 2.8
db:BIDid:104201
Trust: 2.0
db:JVNDBid:JVNDB-2018-005162
Trust: 0.8
db:CNNVDid:CNNVD-201805-626
Trust: 0.6
db:VULHUBid:VHN-118492
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118492 // 
            
            
            
            BID: 104201 // 
            
            
            
            JVNDB: JVNDB-2018-005162 // 
            
            
            
            CNNVD: CNNVD-201805-626 // 
            
            
            
            NVD: CVE-2018-0290

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180516-socmin-dos
Trust: 2.0
url:http://www.securityfocus.com/bid/104201
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0290
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0290
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-118492 // 
            
            
            
            BID: 104201 // 
            
            
            
            JVNDB: JVNDB-2018-005162 // 
            
            
            
            CNNVD: CNNVD-201805-626 // 
            
            
            
            NVD: CVE-2018-0290

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 104201

SOURCES
db:VULHUBid:VHN-118492
db:BIDid:104201
db:JVNDBid:JVNDB-2018-005162
db:CNNVDid:CNNVD-201805-626
db:NVDid:CVE-2018-0290

LAST UPDATE DATE
2024-11-23T22:17:30.395000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118492date:2019-10-09T00:00:00
db:BIDid:104201date:2018-05-16T00:00:00
db:JVNDBid:JVNDB-2018-005162date:2018-07-09T00:00:00
db:CNNVDid:CNNVD-201805-626date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0290date:2024-11-21T03:37:54.400

SOURCES RELEASE DATE
db:VULHUBid:VHN-118492date:2018-05-17T00:00:00
db:BIDid:104201date:2018-05-16T00:00:00
db:JVNDBid:JVNDB-2018-005162date:2018-07-09T00:00:00
db:CNNVDid:CNNVD-201805-626date:2018-05-18T00:00:00
db:NVDid:CVE-2018-0290date:2018-05-17T03:29:00.620