ID

VAR-201810-0577


CVE

CVE-2018-15390


TITLE

Cisco Firepower Threat Defense Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-011567

DESCRIPTION

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition. This issue is being tracked by Cisco Bug ID CSCvh77456. Cisco 3000 Series Industrial Security Appliances and so on are different series of security equipment of Cisco (Cisco). The following products are affected: Cisco 3000 Series Industrial Security Appliances (ISAs); ASA 5500-X Series Next-Generation Firewalls; Firepower 2100 Series Security Appliances; Firepower 4100 Series Security Appliances;

Trust: 1.98

sources: NVD: CVE-2018-15390 // JVNDB: JVNDB-2018-011567 // BID: 105519 // VULHUB: VHN-125645

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:lteversion:6.2.3.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.3.0

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.1

Trust: 0.6

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3.1

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x99.2(0.25)

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x101.5(1.34)

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x101.5(1.10)

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.2.3.4

Trust: 0.3

sources: BID: 105519 // JVNDB: JVNDB-2018-011567 // CNNVD: CNNVD-201810-185 // NVD: CVE-2018-15390

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15390
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15390
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-185
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125645
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15390
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-125645
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15390
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2018-15390
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-125645 // JVNDB: JVNDB-2018-011567 // CNNVD: CNNVD-201810-185 // NVD: CVE-2018-15390

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.8

problemtype:CWE-667

Trust: 1.1

sources: VULHUB: VHN-125645 // JVNDB: JVNDB-2018-011567 // NVD: CVE-2018-15390

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-185

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201810-185

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011567

PATCH

title:cisco-sa-20181003-ftd-inspect-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos

Trust: 0.8

title:Cisco Firepower Threat Defense Software Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85399

Trust: 0.6

sources: JVNDB: JVNDB-2018-011567 // CNNVD: CNNVD-201810-185

EXTERNAL IDS

db:NVDid:CVE-2018-15390

Trust: 2.8

db:BIDid:105519

Trust: 2.0

db:JVNDBid:JVNDB-2018-011567

Trust: 0.8

db:CNNVDid:CNNVD-201810-185

Trust: 0.7

db:VULHUBid:VHN-125645

Trust: 0.1

sources: VULHUB: VHN-125645 // BID: 105519 // JVNDB: JVNDB-2018-011567 // CNNVD: CNNVD-201810-185 // NVD: CVE-2018-15390

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-ftd-inspect-dos

Trust: 2.0

url:http://www.securityfocus.com/bid/105519

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15390

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15390

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-125645 // BID: 105519 // JVNDB: JVNDB-2018-011567 // CNNVD: CNNVD-201810-185 // NVD: CVE-2018-15390

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 105519

SOURCES

db:VULHUBid:VHN-125645
db:BIDid:105519
db:JVNDBid:JVNDB-2018-011567
db:CNNVDid:CNNVD-201810-185
db:NVDid:CVE-2018-15390

LAST UPDATE DATE

2024-08-14T15:02:32.583000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-125645date:2020-08-31T00:00:00
db:BIDid:105519date:2018-10-03T00:00:00
db:JVNDBid:JVNDB-2018-011567date:2019-01-16T00:00:00
db:CNNVDid:CNNVD-201810-185date:2020-09-02T00:00:00
db:NVDid:CVE-2018-15390date:2020-08-31T20:06:57.903

SOURCES RELEASE DATE

db:VULHUBid:VHN-125645date:2018-10-05T00:00:00
db:BIDid:105519date:2018-10-03T00:00:00
db:JVNDBid:JVNDB-2018-011567date:2019-01-16T00:00:00
db:CNNVDid:CNNVD-201810-185date:2018-10-08T00:00:00
db:NVDid:CVE-2018-15390date:2018-10-05T14:29:07.670