ID

VAR-201810-0615


CVE

CVE-2018-15399


TITLE

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-010869

DESCRIPTION

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust the buffers on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS. Multiple Cisco products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvh73829.

Trust: 1.98

sources: NVD: CVE-2018-15399 // JVNDB: JVNDB-2018-010869 // BID: 105673 // VULHUB: VHN-125654

AFFECTED PRODUCTS

vendor: cisco, model: adaptive security appliance software, scope: eq, version: 9.4(4)

Trust: 1.6

vendor: cisco, model: firepower threat defense, scope: eq, version: 6.2.0

Trust: 1.6

vendor: cisco, model: adaptive security appliance software, scope: eq, version: 9.8(2)

Trust: 1.6

vendor: cisco, model: adaptive security appliance software, scope: -, version: -

Trust: 0.8

vendor: cisco, model: firepower threat defense software, scope: -, version: -

Trust: 0.8

vendor: cisco, model: firepower threat defense software, scope: eq, version: 0

Trust: 0.3

vendor: cisco, model: adaptive security appliance software, scope: eq, version: 0

Trust: 0.3

sources: BID: 105673 // JVNDB: JVNDB-2018-010869 // CNNVD: CNNVD-201810-191 // NVD: CVE-2018-15399

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15399
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-15399
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201810-191
value: MEDIUM

Trust: 0.6

VULHUB: VHN-125654
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15399
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-125654
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15399
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2018-15399
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-125654 // JVNDB: JVNDB-2018-010869 // CNNVD: CNNVD-201810-191 // NVD: CVE-2018-15399

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

problemtype:CWE-770

Trust: 1.1

sources: VULHUB: VHN-125654 // JVNDB: JVNDB-2018-010869 // NVD: CVE-2018-15399

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-191

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201810-191

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-010869

PATCH

title: cisco-sa-20181003-asa-syslog-dos, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos

Trust: 0.8

title: Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85405

Trust: 0.6

sources: JVNDB: JVNDB-2018-010869 // CNNVD: CNNVD-201810-191

EXTERNAL IDS

db: NVD, id: CVE-2018-15399

Trust: 2.8

db: SECTRACK, id: 1041785

Trust: 1.7

db: JVNDB, id: JVNDB-2018-010869

Trust: 0.8

db: CNNVD, id: CNNVD-201810-191

Trust: 0.6

db: BID, id: 105673

Trust: 0.3

db: VULHUB, id: VHN-125654

Trust: 0.1

sources: VULHUB: VHN-125654 // BID: 105673 // JVNDB: JVNDB-2018-010869 // CNNVD: CNNVD-201810-191 // NVD: CVE-2018-15399

REFERENCES

url: https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-asa-syslog-dos

Trust: 2.0

url: http://www.securitytracker.com/id/1041785

Trust: 1.7

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15399

Trust: 0.8

url: https://nvd.nist.gov/vuln/detail/cve-2018-15399

Trust: 0.8

url: http://www.cisco.com/

Trust: 0.3

sources: VULHUB: VHN-125654 // BID: 105673 // JVNDB: JVNDB-2018-010869 // CNNVD: CNNVD-201810-191 // NVD: CVE-2018-15399

CREDITS

J-M Roth

Trust: 0.3

sources: BID: 105673

SOURCES

db: VULHUB, id: VHN-125654
db: BID, id: 105673
db: JVNDB, id: JVNDB-2018-010869
db: CNNVD, id: CNNVD-201810-191
db: NVD, id: CVE-2018-15399

LAST UPDATE DATE

2024-08-14T15:18:14.922000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-125654, date: 2020-08-31T00:00:00
db: BID, id: 105673, date: 2018-10-03T00:00:00
db: JVNDB, id: JVNDB-2018-010869, date: 2018-12-26T00:00:00
db: CNNVD, id: CNNVD-201810-191, date: 2020-10-22T00:00:00
db: NVD, id: CVE-2018-15399, date: 2023-08-15T15:21:44.127

SOURCES RELEASE DATE

db: VULHUB, id: VHN-125654, date: 2018-10-05T00:00:00
db: BID, id: 105673, date: 2018-10-03T00:00:00
db: JVNDB, id: JVNDB-2018-010869, date: 2018-12-26T00:00:00
db: CNNVD, id: CNNVD-201810-191, date: 2018-10-08T00:00:00
db: NVD, id: CVE-2018-15399, date: 2018-10-05T14:29:08.327