ID

VAR-201806-1026


CVE

CVE-2018-0296


TITLE

Cisco Adaptive Security Appliance and Firepower Threat Defense Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-006154

DESCRIPTION

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. Vendors have confirmed this vulnerability Bug ID CSCvi16029 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. ASASoftware and FirepowerThreatDefense (FTD) Software are operating systems that run on different devices

Trust: 2.34

sources: NVD: CVE-2018-0296 // JVNDB: JVNDB-2018-006154 // CNVD: CNVD-2018-11320 // VULHUB: VHN-118498 // VULMON: CVE-2018-0296

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-11320

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3

Trust: 1.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3-85.02

Trust: 1.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3-851

Trust: 1.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.1

Trust: 1.6

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.7.1.24

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.1.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.8.2.28

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.9.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.1.7.29

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.6.4.8

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.8

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.4.4.18

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:8.1\(2.5\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.5

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.2.4.33

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9

Trust: 0.9

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:asa series next-generation firewallsscope:eqversion:5500-x

Trust: 0.6

vendor:ciscomodel:adaptive security virtual appliancescope: - version: -

Trust: 0.6

vendor:ciscomodel:firepower asa security modulescope:eqversion:9300

Trust: 0.6

vendor:ciscomodel:asa cloud firewallscope:eqversion:1000v

Trust: 0.6

vendor:ciscomodel:asa series adaptive security appliancesscope:eqversion:5500

Trust: 0.6

vendor:ciscomodel:firepower series security appliancesscope:eqversion:4100

Trust: 0.6

vendor:ciscomodel:series industrial security appliancescope:eqversion:3000

Trust: 0.6

vendor:ciscomodel:firepower series security appliancescope:eqversion:2100

Trust: 0.6

vendor:ciscomodel:ftd virtualscope: - version: -

Trust: 0.6

vendor:ciscomodel:asa services module for cisco catalyst series switches and cisco series routersscope:eqversion:65007600

Trust: 0.6

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2

Trust: 0.6

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.1

Trust: 0.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9\(1\)

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.0.1

Trust: 0.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.0.0

Trust: 0.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9\(2\)

Trust: 0.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8\(2\)

Trust: 0.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3(8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(3.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(5.12)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(3.9)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(2.5)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(2.10)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.27

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.12

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(4.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.13

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(0.104)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(1.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.13.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(7)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.1(11)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(4.13)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.4.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.4(6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.2.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.515

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.21)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(1.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(2.10)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.32)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.3.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(1.8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(1.50)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(4.5)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.20

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.45

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(1.7)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.13)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(3.10)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.42)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.2.9

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1.0.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.3.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(2.8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.39)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(4.11)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1.0.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(0.0)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.7.17

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.7.1.24

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.34

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3(1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(7.16)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(3.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(3.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.2.10

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.2.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.12.10

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.6.4.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.13.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(7.13)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.38)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.15

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(3.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.1.4.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.2.4.33

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4.14

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.2.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.9.2.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(3.11)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14.20

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.(3.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.4(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(2)8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(5.7)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1.4

Trust: 0.3

vendor:ciscomodel:asa series adaptive security appliancesscope:eqversion:55000

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(4.3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(3.8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(6.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(6.2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.(0.115)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.3.9

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.12.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(4.5)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(1.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(6.9)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3.20

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(2.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.1.4.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.1.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.26

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3.3.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3.17

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(3.3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.3.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(3.8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.1.5

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(1.5)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7(0.99)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.12

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3.11

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(5.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3.3(10)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.1.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(1.105)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(7.7)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.7(19)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(3.2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.24

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.13

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(4.6)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.0.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.29

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(3.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4(40)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(1.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(2.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.512

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.8)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4.13

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.2.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.1.4.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(4.8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14.24

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.3.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(2.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.4.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.7(9)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.3.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.33)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.13.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.14.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.1.3.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(2.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.11.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(7.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.4.4.18

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(3.1)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(3.7)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(2.243)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.14.17

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(5.106)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(2.99)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(2.2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(1.2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.510

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.2.2.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.5.21

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.7.20

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(4.29)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.8.2.28

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.24

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2(2.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.3(2.100)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:neversion:9.1.7.29

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.2.21

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7(1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0(2.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.7(16)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.2.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.1.1.3.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.0.4.17

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.2.4(14)

Trust: 0.3

sources: CNVD: CNVD-2018-11320 // BID: 104612 // JVNDB: JVNDB-2018-006154 // CNNVD: CNNVD-201806-401 // NVD: CVE-2018-0296

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0296
value: HIGH

Trust: 1.0

NVD: CVE-2018-0296
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-11320
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201806-401
value: HIGH

Trust: 0.6

VULHUB: VHN-118498
value: MEDIUM

Trust: 0.1

VULMON: CVE-2018-0296
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0296
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-11320
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118498
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0296
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2018-0296
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-11320 // VULHUB: VHN-118498 // VULMON: CVE-2018-0296 // JVNDB: JVNDB-2018-006154 // CNNVD: CNNVD-201806-401 // NVD: CVE-2018-0296

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-22

Trust: 1.1

sources: VULHUB: VHN-118498 // JVNDB: JVNDB-2018-006154 // NVD: CVE-2018-0296

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-401

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201806-401

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-006154

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-118498 // VULMON: CVE-2018-0296

PATCH

title:cisco-sa-20180606-asaftdurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd

Trust: 0.8

title:Several Cisco products ASASoftware and FirepowerThreatDefenseSoftware enter patches for verification vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/131753

Trust: 0.6

title:Cisco: Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180606-asaftd

Trust: 0.1

title:CVE-2018-0296url:https://github.com/qiantu88/CVE-2018-0296

Trust: 0.1

title:CVE-2018-0296url:https://github.com/milo2012/CVE-2018-0296

Trust: 0.1

title:CVE-2018-0296url:https://github.com/yassineaboukir/CVE-2018-0296

Trust: 0.1

title:CVE-2018-0296url:https://github.com/irbishop/CVE-2018-0296

Trust: 0.1

title:CVE-2018-0296url:https://github.com/bhenner1/CVE-2018-0296

Trust: 0.1

title:CiscoIOSSNMPToolkiturl:https://github.com/GarnetSunset/CiscoIOSSNMPToolkit

Trust: 0.1

title:common-listsurl:https://github.com/tomikoski/common-lists

Trust: 0.1

title: - url:https://github.com/iveresk/cve-2020-3452

Trust: 0.1

title:CVE-2020-3452-Exploiturl:https://github.com/3ndG4me/CVE-2020-3452-Exploit

Trust: 0.1

title:KBurl:https://github.com/rudinyu/KB

Trust: 0.1

title:RedTeamurl:https://github.com/slimdaddy/RedTeam

Trust: 0.1

sources: CNVD: CNVD-2018-11320 // VULMON: CVE-2018-0296 // JVNDB: JVNDB-2018-006154

EXTERNAL IDS

db:NVDid:CVE-2018-0296

Trust: 3.5

db:ICS CERTid:ICSA-18-184-01

Trust: 2.8

db:EXPLOIT-DBid:44956

Trust: 2.6

db:BIDid:104612

Trust: 2.0

db:PACKETSTORMid:154017

Trust: 1.7

db:SECTRACKid:1041076

Trust: 1.7

db:JVNDBid:JVNDB-2018-006154

Trust: 0.8

db:CNNVDid:CNNVD-201806-401

Trust: 0.7

db:EXPLOITDBid:44956

Trust: 0.6

db:CNVDid:CNVD-2018-11320

Trust: 0.6

db:EXPLOIT-DBid:47220

Trust: 0.6

db:PACKETSTORMid:148365

Trust: 0.1

db:PACKETSTORMid:148658

Trust: 0.1

db:SEEBUGid:SSVID-97368

Trust: 0.1

db:VULHUBid:VHN-118498

Trust: 0.1

db:VULMONid:CVE-2018-0296

Trust: 0.1

sources: CNVD: CNVD-2018-11320 // VULHUB: VHN-118498 // VULMON: CVE-2018-0296 // BID: 104612 // JVNDB: JVNDB-2018-006154 // CNNVD: CNNVD-201806-401 // NVD: CVE-2018-0296

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-asaftd

Trust: 3.2

url:https://ics-cert.us-cert.gov/advisories/icsa-18-184-01

Trust: 2.8

url:https://www.exploit-db.com/exploits/44956/

Trust: 2.6

url:http://packetstormsecurity.com/files/154017/cisco-adaptive-security-appliance-path-traversal.html

Trust: 2.3

url:http://www.securityfocus.com/bid/104612

Trust: 1.7

url:http://www.securitytracker.com/id/1041076

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0296

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0296

Trust: 0.8

url:https://www.exploit-db.com/exploits/47220

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-http-url-28680

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.3

url:https://github.com/yassineaboukir/cve-2018-0296

Trust: 0.3

sources: CNVD: CNVD-2018-11320 // VULHUB: VHN-118498 // BID: 104612 // JVNDB: JVNDB-2018-006154 // CNNVD: CNNVD-201806-401 // NVD: CVE-2018-0296

CREDITS

security researcher Michal Bentkowski from Securitum .,Angelo Ruwantha

Trust: 0.6

sources: CNNVD: CNNVD-201806-401

SOURCES

db:CNVDid:CNVD-2018-11320
db:VULHUBid:VHN-118498
db:VULMONid:CVE-2018-0296
db:BIDid:104612
db:JVNDBid:JVNDB-2018-006154
db:CNNVDid:CNNVD-201806-401
db:NVDid:CVE-2018-0296

LAST UPDATE DATE

2024-11-23T22:22:06.907000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-11320date:2018-09-06T00:00:00
db:VULHUBid:VHN-118498date:2020-09-04T00:00:00
db:VULMONid:CVE-2018-0296date:2023-08-15T00:00:00
db:BIDid:104612date:2018-06-06T00:00:00
db:JVNDBid:JVNDB-2018-006154date:2018-08-09T00:00:00
db:CNNVDid:CNNVD-201806-401date:2020-09-07T00:00:00
db:NVDid:CVE-2018-0296date:2024-11-21T03:37:55.227

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-11320date:2018-06-12T00:00:00
db:VULHUBid:VHN-118498date:2018-06-07T00:00:00
db:VULMONid:CVE-2018-0296date:2018-06-07T00:00:00
db:BIDid:104612date:2018-06-06T00:00:00
db:JVNDBid:JVNDB-2018-006154date:2018-08-09T00:00:00
db:CNNVDid:CNNVD-201806-401date:2018-06-08T00:00:00
db:NVDid:CVE-2018-0296date:2018-06-07T12:29:00.403