ID

VAR-201810-0583


CVE

CVE-2018-15398


TITLE

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-010870

DESCRIPTION

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to errors that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit this vulnerability by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to access resources that are behind the affected device and would typically be protected by the interface ACL. Remote attackers can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is tracked by Cisco Bug ID CSCvj91858

Trust: 1.98

sources: NVD: CVE-2018-15398 // JVNDB: JVNDB-2018-010870 // BID: 105517 // VULHUB: VHN-125653

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6\(4.3\)

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4\(2\)

Trust: 1.6

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.0

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4\(4\)

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x9.6(4)

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x9.4(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:0

Trust: 0.3

sources: BID: 105517 // JVNDB: JVNDB-2018-010870 // CNNVD: CNNVD-201810-190 // NVD: CVE-2018-15398

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15398
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15398
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-190
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125653
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-15398
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-125653
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15398
baseSeverity: MEDIUM
baseScore: 4.0
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-125653 // JVNDB: JVNDB-2018-010870 // CNNVD: CNNVD-201810-190 // NVD: CVE-2018-15398

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.9

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: VULHUB: VHN-125653 // JVNDB: JVNDB-2018-010870 // NVD: CVE-2018-15398

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-190

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201810-190

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010870

PATCH

title:cisco-sa-20181003-asa-acl-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-acl-bypass

Trust: 0.8

title:Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85404

Trust: 0.6

sources: JVNDB: JVNDB-2018-010870 // CNNVD: CNNVD-201810-190

EXTERNAL IDS

db:NVDid:CVE-2018-15398

Trust: 2.8

db:BIDid:105517

Trust: 2.0

db:SECTRACKid:1041788

Trust: 1.7

db:JVNDBid:JVNDB-2018-010870

Trust: 0.8

db:CNNVDid:CNNVD-201810-190

Trust: 0.6

db:VULHUBid:VHN-125653

Trust: 0.1

sources: VULHUB: VHN-125653 // BID: 105517 // JVNDB: JVNDB-2018-010870 // CNNVD: CNNVD-201810-190 // NVD: CVE-2018-15398

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-asa-acl-bypass

Trust: 2.0

url:http://www.securityfocus.com/bid/105517

Trust: 1.7

url:http://www.securitytracker.com/id/1041788

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15398

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15398

Trust: 0.8

url:http://www.cisco.com

Trust: 0.3

sources: VULHUB: VHN-125653 // BID: 105517 // JVNDB: JVNDB-2018-010870 // CNNVD: CNNVD-201810-190 // NVD: CVE-2018-15398

CREDITS

Cisco

Trust: 0.3

sources: BID: 105517

SOURCES

db:VULHUBid:VHN-125653
db:BIDid:105517
db:JVNDBid:JVNDB-2018-010870
db:CNNVDid:CNNVD-201810-190
db:NVDid:CVE-2018-15398

LAST UPDATE DATE

2024-08-14T14:39:12.723000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-125653date:2019-10-09T00:00:00
db:BIDid:105517date:2018-10-03T00:00:00
db:JVNDBid:JVNDB-2018-010870date:2018-12-26T00:00:00
db:CNNVDid:CNNVD-201810-190date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15398date:2023-08-11T18:54:47.730

SOURCES RELEASE DATE

db:VULHUBid:VHN-125653date:2018-10-05T00:00:00
db:BIDid:105517date:2018-10-03T00:00:00
db:JVNDBid:JVNDB-2018-010870date:2018-12-26T00:00:00
db:CNNVDid:CNNVD-201810-190date:2018-10-08T00:00:00
db:NVDid:CVE-2018-15398date:2018-10-05T14:29:08.230