Details of VAR-201807-0430

ID

VAR-201807-0430

CVE

CVE-2018-0385

TITLE

Cisco Firepower System Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-008402

DESCRIPTION

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input handling of the SSL traffic. An attacker could exploit this vulnerability by sending a crafted SSL traffic to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Cisco Bug IDs: CSCvi36434. Cisco Firepower System The software contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvi36434 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state

Trust: 2.52

sources: NVD: CVE-2018-0385 // JVNDB: JVNDB-2018-008402 // CNVD: CNVD-2018-13759 // BID: 104727 // VULHUB: VHN-118587

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-13759

AFFECTED PRODUCTS

vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.1.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.0.0	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.2	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	6.2.3	Trust: 1.0
vendor:	cisco	model:	secure firewall management center	scope:	eq	version:	5.4.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.2	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.3	Trust: 0.9
vendor:	cisco	model:	firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower system software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.0.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.3.0	Trust: 0.6
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1.0	Trust: 0.6
vendor:	cisco	model:	firepower system software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	5.4	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower management center	scope:	ne	version:	6.2.2.4	Trust: 0.3

sources: CNVD: CNVD-2018-13759 // BID: 104727 // JVNDB: JVNDB-2018-008402 // CNNVD: CNNVD-201807-1215 // NVD: CVE-2018-0385

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0385
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0385
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-13759
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201807-1215
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118587
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0385
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-13759
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118587
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0385
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2018-0385
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-13759 // VULHUB: VHN-118587 // JVNDB: JVNDB-2018-008402 // CNNVD: CNNVD-201807-1215 // NVD: CVE-2018-0385

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-20	Trust: 1.1

sources: VULHUB: VHN-118587 // JVNDB: JVNDB-2018-008402 // NVD: CVE-2018-0385

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1215

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201807-1215

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008402

PATCH

title:	cisco-sa-20180711-firepwr-ssl-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firepwr-ssl-dos	Trust: 0.8
title:	Patch for CiscoFirepowerSystem Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/135133	Trust: 0.6
title:	Cisco Firepower System Software Fixing measures for detecting engine security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82159	Trust: 0.6

sources: CNVD: CNVD-2018-13759 // JVNDB: JVNDB-2018-008402 // CNNVD: CNNVD-201807-1215

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0385	Trust: 3.4
db:	BID	id:	104727	Trust: 2.6
db:	JVNDB	id:	JVNDB-2018-008402	Trust: 0.8
db:	CNNVD	id:	CNNVD-201807-1215	Trust: 0.7
db:	CNVD	id:	CNVD-2018-13759	Trust: 0.6
db:	VULHUB	id:	VHN-118587	Trust: 0.1

sources: CNVD: CNVD-2018-13759 // VULHUB: VHN-118587 // BID: 104727 // JVNDB: JVNDB-2018-008402 // CNNVD: CNNVD-201807-1215 // NVD: CVE-2018-0385

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180711-firepwr-ssl-dos	Trust: 2.6
url:	http://www.securityfocus.com/bid/104727	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0385	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0385	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-13759 // VULHUB: VHN-118587 // BID: 104727 // JVNDB: JVNDB-2018-008402 // CNNVD: CNNVD-201807-1215 // NVD: CVE-2018-0385

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 104727

SOURCES

db:	CNVD	id:	CNVD-2018-13759
db:	VULHUB	id:	VHN-118587
db:	BID	id:	104727
db:	JVNDB	id:	JVNDB-2018-008402
db:	CNNVD	id:	CNNVD-201807-1215
db:	NVD	id:	CVE-2018-0385

LAST UPDATE DATE

2024-11-27T23:01:08.501000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-13759	date:	2018-07-24T00:00:00
db:	VULHUB	id:	VHN-118587	date:	2020-08-31T00:00:00
db:	BID	id:	104727	date:	2018-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2018-008402	date:	2018-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201807-1215	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0385	date:	2024-11-26T16:09:02.407

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-13759	date:	2018-07-24T00:00:00
db:	VULHUB	id:	VHN-118587	date:	2018-07-16T00:00:00
db:	BID	id:	104727	date:	2018-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2018-008402	date:	2018-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201807-1215	date:	2018-07-17T00:00:00
db:	NVD	id:	CVE-2018-0385	date:	2018-07-16T17:29:00.690