Details of VAR-201807-0420

ID

VAR-201807-0420

CVE

CVE-2018-0370

TITLE

Cisco Firepower System Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-008135

DESCRIPTION

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of traffic when the Secure Sockets Layer (SSL) inspection policy is enabled. An attacker could exploit this vulnerability by sending malicious traffic through an affected device. An exploit could allow the attacker to increase the resource consumption of a single instance of the Snort detection engine on an affected device. This will lead to performance degradation and eventually the restart of the affected Snort process. Cisco Bug IDs: CSCvi09219, CSCvi29845. Cisco Firepower System The software contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvi09219 and CSCvi29845 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

Trust: 1.98

sources: NVD: CVE-2018-0370 // JVNDB: JVNDB-2018-008135 // BID: 104728 // VULHUB: VHN-118572

AFFECTED PRODUCTS

vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.0.5	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.1.0.7	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.2.2	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.0.5	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.2.2	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1.0.7	Trust: 0.6
vendor:	cisco	model:	firepower system software	scope:	eq	version:	0	Trust: 0.3

sources: BID: 104728 // JVNDB: JVNDB-2018-008135 // CNNVD: CNNVD-201807-1218 // NVD: CVE-2018-0370

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0370
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0370
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201807-1218
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118572
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0370
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-118572
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0370
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-118572 // JVNDB: JVNDB-2018-008135 // CNNVD: CNNVD-201807-1218 // NVD: CVE-2018-0370

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	NVD-CWE-noinfo	Trust: 1.0

sources: VULHUB: VHN-118572 // JVNDB: JVNDB-2018-008135 // NVD: CVE-2018-0370

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1218

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201807-1218

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008135

PATCH

title:	cisco-sa-20180711-firepower-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firepower-dos	Trust: 0.8
title:	Cisco Firepower System Software Fixes for detecting engine resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82162	Trust: 0.6

sources: JVNDB: JVNDB-2018-008135 // CNNVD: CNNVD-201807-1218

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0370	Trust: 2.8
db:	BID	id:	104728	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-008135	Trust: 0.8
db:	CNNVD	id:	CNNVD-201807-1218	Trust: 0.7
db:	VULHUB	id:	VHN-118572	Trust: 0.1

sources: VULHUB: VHN-118572 // BID: 104728 // JVNDB: JVNDB-2018-008135 // CNNVD: CNNVD-201807-1218 // NVD: CVE-2018-0370

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180711-firepower-dos	Trust: 2.0
url:	http://www.securityfocus.com/bid/104728	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0370	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0370	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-118572 // BID: 104728 // JVNDB: JVNDB-2018-008135 // CNNVD: CNNVD-201807-1218 // NVD: CVE-2018-0370

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104728

SOURCES

db:	VULHUB	id:	VHN-118572
db:	BID	id:	104728
db:	JVNDB	id:	JVNDB-2018-008135
db:	CNNVD	id:	CNNVD-201807-1218
db:	NVD	id:	CVE-2018-0370

LAST UPDATE DATE

2024-11-27T23:05:01.245000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-118572	date:	2019-10-09T00:00:00
db:	BID	id:	104728	date:	2018-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2018-008135	date:	2018-10-09T00:00:00
db:	CNNVD	id:	CNNVD-201807-1218	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0370	date:	2024-11-26T16:09:02.407

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-118572	date:	2018-07-16T00:00:00
db:	BID	id:	104728	date:	2018-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2018-008135	date:	2018-10-09T00:00:00
db:	CNNVD	id:	CNNVD-201807-1218	date:	2018-07-17T00:00:00
db:	NVD	id:	CVE-2018-0370	date:	2018-07-16T17:29:00.533