Sign-up

ID

VAR-201807-0429


CVE

CVE-2018-0384


TITLE

Cisco FireSIGHT System Vulnerability related to failure of protection mechanism in software

Trust: 0.8

sources: JVNDB: JVNDB-2018-008134

DESCRIPTION

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly handles TCP packets that are received out of order when a TCP SYN retransmission is issued. An attacker could exploit this vulnerability by sending a maliciously crafted connection through an affected device. A successful exploit could allow the attacker to bypass a URL-based access control policy that is configured to block traffic for the affected system. Cisco Bug IDs: CSCvh84511. Cisco FireSIGHT System The software is vulnerable to a defect in the protection mechanism. Vendors have confirmed this vulnerability Bug ID CSCvh84511 It is released as.Information may be tampered with. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Cisco FireSIGHT System Software is a set of management center software of Cisco (Cisco), which supports centralized management of the network security and operation functions of Cisco ASA and Cisco FirePOWER network security devices using FirePOWER Services

Trust: 1.98

sources: NVD: CVE-2018-0384 // JVNDB: JVNDB-2018-008134 // BID: 104725 // VULHUB: VHN-118586

AFFECTED PRODUCTS

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.2.1

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.1.0

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.2.0

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.0.0

Trust: 1.0

vendor:ciscomodel:secure firewall management centerscope:eqversion:6.2.2

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.2

Trust: 0.9

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.1

Trust: 0.9

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.0

Trust: 0.6

vendor:ciscomodel:firepower management centerscope:eqversion:6.0.0

Trust: 0.6

vendor:ciscomodel:firepower management centerscope:eqversion:6.1.0

Trust: 0.6

vendor:ciscomodel:firesight system softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:neversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:neversion:6.2.2.3

Trust: 0.3

sources: BID: 104725 // JVNDB: JVNDB-2018-008134 // CNNVD: CNNVD-201807-1216 // NVD: CVE-2018-0384

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0384
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-0384
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201807-1216
value: MEDIUM

Trust: 0.6

VULHUB: VHN-118586
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0384
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118586
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0384
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-118586 // JVNDB: JVNDB-2018-008134 // CNNVD: CNNVD-201807-1216 // NVD: CVE-2018-0384

PROBLEMTYPE DATA

problemtype:CWE-693

Trust: 1.9

sources: VULHUB: VHN-118586 // JVNDB: JVNDB-2018-008134 // NVD: CVE-2018-0384

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1216

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201807-1216

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-008134

PATCH
title:cisco-sa-20180711-firesight-url-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firesight-url-bypass
Trust: 0.8
title:Cisco FireSIGHT System Software Fixing measures for detecting engine security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82160
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-008134 // 
            
            
            
            CNNVD: CNNVD-201807-1216

EXTERNAL IDS
db:NVDid:CVE-2018-0384
Trust: 2.8
db:BIDid:104725
Trust: 2.0
db:SECTRACKid:1041284
Trust: 1.7
db:JVNDBid:JVNDB-2018-008134
Trust: 0.8
db:CNNVDid:CNNVD-201807-1216
Trust: 0.7
db:VULHUBid:VHN-118586
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118586 // 
            
            
            
            BID: 104725 // 
            
            
            
            JVNDB: JVNDB-2018-008134 // 
            
            
            
            CNNVD: CNNVD-201807-1216 // 
            
            
            
            NVD: CVE-2018-0384

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180711-firesight-url-bypass
Trust: 2.0
url:http://www.securityfocus.com/bid/104725
Trust: 1.7
url:http://www.securitytracker.com/id/1041284
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0384
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0384
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-118586 // 
            
            
            
            BID: 104725 // 
            
            
            
            JVNDB: JVNDB-2018-008134 // 
            
            
            
            CNNVD: CNNVD-201807-1216 // 
            
            
            
            NVD: CVE-2018-0384

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 104725

SOURCES
db:VULHUBid:VHN-118586
db:BIDid:104725
db:JVNDBid:JVNDB-2018-008134
db:CNNVDid:CNNVD-201807-1216
db:NVDid:CVE-2018-0384

LAST UPDATE DATE
2024-11-27T22:49:49.045000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118586date:2019-10-09T00:00:00
db:BIDid:104725date:2018-07-11T00:00:00
db:JVNDBid:JVNDB-2018-008134date:2018-10-09T00:00:00
db:CNNVDid:CNNVD-201807-1216date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0384date:2024-11-26T16:09:02.407

SOURCES RELEASE DATE
db:VULHUBid:VHN-118586date:2018-07-16T00:00:00
db:BIDid:104725date:2018-07-11T00:00:00
db:JVNDBid:JVNDB-2018-008134date:2018-10-09T00:00:00
db:CNNVDid:CNNVD-201807-1216date:2018-07-17T00:00:00
db:NVDid:CVE-2018-0384date:2018-07-16T17:29:00.643