ID

VAR-201810-0582


CVE

CVE-2018-15397


TITLE

Cisco Adaptive Security Appliance and Firepower Threat Defense Software key management error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-013334

DESCRIPTION

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition. The former is an operating system running on the firewall. The latter is a unified software suite that provides next-generation firewall services

Trust: 1.71

sources: NVD: CVE-2018-15397 // JVNDB: JVNDB-2018-013334 // VULHUB: VHN-125652

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9.1

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.4

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8.2

Trust: 1.6

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.2

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9.1\(1\)

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2018-013334 // CNNVD: CNNVD-201810-189 // NVD: CVE-2018-15397

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15397
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15397
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-189
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125652
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15397
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-125652
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15397
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2018-15397
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-125652 // JVNDB: JVNDB-2018-013334 // CNNVD: CNNVD-201810-189 // NVD: CVE-2018-15397

PROBLEMTYPE DATA

problemtype:CWE-320

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-125652 // JVNDB: JVNDB-2018-013334 // NVD: CVE-2018-15397

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-189

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201810-189

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-013334

PATCH

title:cisco-sa-20181003-asa-ipsec-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-ipsec-dos

Trust: 0.8

title:Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85403

Trust: 0.6

sources: JVNDB: JVNDB-2018-013334 // CNNVD: CNNVD-201810-189

EXTERNAL IDS

db:NVDid:CVE-2018-15397

Trust: 2.5

db:SECTRACKid:1041786

Trust: 1.7

db:JVNDBid:JVNDB-2018-013334

Trust: 0.8

db:CNNVDid:CNNVD-201810-189

Trust: 0.7

db:VULHUBid:VHN-125652

Trust: 0.1

sources: VULHUB: VHN-125652 // JVNDB: JVNDB-2018-013334 // CNNVD: CNNVD-201810-189 // NVD: CVE-2018-15397

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-asa-ipsec-dos

Trust: 1.7

url:http://www.securitytracker.com/id/1041786

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15397

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15397

Trust: 0.8

sources: VULHUB: VHN-125652 // JVNDB: JVNDB-2018-013334 // CNNVD: CNNVD-201810-189 // NVD: CVE-2018-15397

SOURCES

db:VULHUBid:VHN-125652
db:JVNDBid:JVNDB-2018-013334
db:CNNVDid:CNNVD-201810-189
db:NVDid:CVE-2018-15397

LAST UPDATE DATE

2024-08-14T15:13:00.364000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-125652date:2020-08-31T00:00:00
db:JVNDBid:JVNDB-2018-013334date:2019-02-19T00:00:00
db:CNNVDid:CNNVD-201810-189date:2020-10-22T00:00:00
db:NVDid:CVE-2018-15397date:2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:VULHUBid:VHN-125652date:2018-10-05T00:00:00
db:JVNDBid:JVNDB-2018-013334date:2019-02-19T00:00:00
db:CNNVDid:CNNVD-201810-189date:2018-10-08T00:00:00
db:NVDid:CVE-2018-15397date:2018-10-05T14:29:08.107