Details of VAR-201810-0344

ID

VAR-201810-0344

CVE

CVE-2018-0472

TITLE

Cisco IOS XE Software platform and Cisco ASA 5500-X Series Adaptive Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011573

DESCRIPTION

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device. Cisco IOSXESoftware is the operating system for Cisco network devices, and the CiscoASA5500-XSeriesAdaptiveSecurityApplianceIPsec is a cisco security device. Multiple Cisco Products are prone to a denial-of-service vulnerability. This issue is being tracked by Cisco Bug IDs CSCvf73114, CSCvg37952, CSCvh04189, CSCvh04591, and CSCvi30496. ASA 5500-X Series Adaptive Security Appliance is a 5500-X series security appliance

Trust: 2.52

sources: NVD: CVE-2018-0472 // JVNDB: JVNDB-2018-011573 // CNVD: CNVD-2018-20048 // BID: 105418 // VULHUB: VHN-118674

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-20048

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s5.36	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.8.1	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios xe software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	asa series adaptive security appliance ipsec	scope:	eq	version:	5500-x	Trust: 0.6
vendor:	rockwell	model:	automation allen-bradley stratix 1783-sad4t0spk9	scope:	eq	version:	5950	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 1783-sad4t0sbk9	scope:	eq	version:	5950	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 1783-sad2t2spk9	scope:	eq	version:	5950	Trust: 0.3
vendor:	rockwell	model:	automation allen-bradley stratix 1783-sad2t2sbk9	scope:	eq	version:	5950	Trust: 0.3
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	asr series routers	scope:	eq	version:	10000	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.5	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.3	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance series	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	series	scope:	eq	version:	40000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.2.3	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.9.2.2	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.8.2.26	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.6.4.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.4.4.18	Trust: 0.3

sources: CNVD: CNVD-2018-20048 // BID: 105418 // JVNDB: JVNDB-2018-011573 // CNNVD: CNNVD-201809-1251 // NVD: CVE-2018-0472

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0472
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0472
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-20048
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201809-1251
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118674
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0472
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-20048
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118674
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0472
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-20048 // VULHUB: VHN-118674 // JVNDB: JVNDB-2018-011573 // CNNVD: CNNVD-201809-1251 // NVD: CVE-2018-0472

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-118674 // JVNDB: JVNDB-2018-011573 // NVD: CVE-2018-0472

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201809-1251

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 105418 // CNNVD: CNNVD-201809-1251

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011573

PATCH

title:	cisco-sa-20180926-ipsec	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec	Trust: 0.8
title:	Patch for Cisco IOSXESoftware and Cisco ASA 5500-XSeriesAdaptiveSecurityApplianceIPsec Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/141291	Trust: 0.6
title:	Cisco IOS XE Software platforms and ASA 5500-X Series Adaptive Security Appliance Enter the fix for the verification vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85260	Trust: 0.6

sources: CNVD: CNVD-2018-20048 // JVNDB: JVNDB-2018-011573 // CNNVD: CNNVD-201809-1251

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0472	Trust: 3.4
db:	ICS CERT	id:	ICSA-19-094-04	Trust: 2.8
db:	BID	id:	105418	Trust: 2.0
db:	SECTRACK	id:	1041737	Trust: 1.7
db:	SECTRACK	id:	1041735	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-011573	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-1251	Trust: 0.7
db:	CNVD	id:	CNVD-2018-20048	Trust: 0.6
db:	ICS CERT	id:	ICSA-19-094-02	Trust: 0.6
db:	NSFOCUS	id:	43556	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1153	Trust: 0.6
db:	VULHUB	id:	VHN-118674	Trust: 0.1

sources: CNVD: CNVD-2018-20048 // VULHUB: VHN-118674 // BID: 105418 // JVNDB: JVNDB-2018-011573 // CNNVD: CNNVD-201809-1251 // NVD: CVE-2018-0472

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-19-094-04	Trust: 3.4
url:	http://www.securityfocus.com/bid/105418	Trust: 2.9
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180926-ipsec	Trust: 2.6
url:	http://www.securitytracker.com/id/1041735	Trust: 1.7
url:	http://www.securitytracker.com/id/1041737	Trust: 1.7
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0472	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0472	Trust: 0.8
url:	https://ics-cert.us-cert.gov/advisories/icsa-19-094-02	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/78478	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/43556	Trust: 0.6

sources: CNVD: CNVD-2018-20048 // VULHUB: VHN-118674 // BID: 105418 // JVNDB: JVNDB-2018-011573 // CNNVD: CNNVD-201809-1251 // NVD: CVE-2018-0472

CREDITS

The vendor reported this issue.,Rockwell Automation reported this vulnerability to NCCIC.

Trust: 0.6

sources: CNNVD: CNNVD-201809-1251

SOURCES

db:	CNVD	id:	CNVD-2018-20048
db:	VULHUB	id:	VHN-118674
db:	BID	id:	105418
db:	JVNDB	id:	JVNDB-2018-011573
db:	CNNVD	id:	CNNVD-201809-1251
db:	NVD	id:	CVE-2018-0472

LAST UPDATE DATE

2024-08-14T13:45:32.931000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-20048	date:	2018-09-28T00:00:00
db:	VULHUB	id:	VHN-118674	date:	2019-04-15T00:00:00
db:	BID	id:	105418	date:	2019-04-05T06:00:00
db:	JVNDB	id:	JVNDB-2018-011573	date:	2019-04-10T00:00:00
db:	CNNVD	id:	CNNVD-201809-1251	date:	2019-07-02T00:00:00
db:	NVD	id:	CVE-2018-0472	date:	2019-04-15T12:31:09.023

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-20048	date:	2018-09-28T00:00:00
db:	VULHUB	id:	VHN-118674	date:	2018-10-05T00:00:00
db:	BID	id:	105418	date:	2018-09-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-011573	date:	2019-01-17T00:00:00
db:	CNNVD	id:	CNNVD-201809-1251	date:	2018-09-28T00:00:00
db:	NVD	id:	CVE-2018-0472	date:	2018-10-05T14:29:05.013