ID

VAR-201811-0173


CVE

CVE-2018-15454


TITLE

Cisco ASA and FTD SIP Inspection denial-of-service vulnerability

Trust: 0.8

sources: CERT/CC: VU#339704

DESCRIPTION

A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available. Multiple Cisco Products are prone to an remote denial-of-service vulnerability. Successful exploits may allow an attacker to reload the affected device, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvm43975. Cisco 3000 Series Industrial Security Appliance (ISA) and so on are different series of security equipment of American Cisco (Cisco). A remote attacker could exploit this vulnerability to cause a denial of service

Trust: 2.79

sources: NVD: CVE-2018-15454 // CERT/CC: VU#339704 // JVNDB: JVNDB-2018-008979 // BID: 105768 // VULHUB: VHN-125715 // VULMON: CVE-2018-15454

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.8

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.4.4.27

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.2.4

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.6.4.18

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.2

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.9.2.32

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.8.3.16

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.10.1.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.1.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.0.6

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.6

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.4

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.1.0.7

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9

Trust: 1.0

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense virtualscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.0.5

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1.0.6

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1.0.5

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1.4

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:firepower security appliancescope:eqversion:93000

Trust: 0.3

vendor:ciscomodel:firepower series security appliancesscope:eqversion:41000

Trust: 0.3

vendor:ciscomodel:firepower series security appliancescope:eqversion:21000

Trust: 0.3

vendor:ciscomodel:asa services module for cisco catalyst series switchesscope:eqversion:65000

Trust: 0.3

vendor:ciscomodel:asa series next-generation firewallsscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x9.9(2)

Trust: 0.3

vendor:ciscomodel:adaptive security virtual appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.9

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7(1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7(0.99)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.4(6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.4(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3.20

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3.17

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.3(1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.2.9

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.2.21

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6.1(11)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(2.99)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(2.10)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6(1.5)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.3.9

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.3.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.2.8

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5.2.7

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(3)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(2.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(2.2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5(1.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.5

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4.14

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.4.13

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3.3

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3.2

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3.1

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.3(8)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.2.6

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4.(0.115)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(3.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(2.6)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(2.4)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(2)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4(1.1)

Trust: 0.3

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion:9.4

Trust: 0.3

vendor:ciscomodel:series industrial security appliancescope:eqversion:30000

Trust: 0.3

sources: CERT/CC: VU#339704 // BID: 105768 // JVNDB: JVNDB-2018-008979 // NVD: CVE-2018-15454

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2018-15454
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2018-15454
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2018-15454
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201810-1569
value: HIGH

Trust: 0.6

VULHUB: VHN-125715
value: HIGH

Trust: 0.1

VULMON: CVE-2018-15454
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15454
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

NVD: CVE-2018-15454
severity: HIGH
baseScore: 7.8
vectorString: NONE
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-125715
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15454
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 2.0

NVD: CVE-2018-15454
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CERT/CC: VU#339704 // VULHUB: VHN-125715 // VULMON: CVE-2018-15454 // JVNDB: JVNDB-2018-008979 // CNNVD: CNNVD-201810-1569 // NVD: CVE-2018-15454 // NVD: CVE-2018-15454

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-125715 // NVD: CVE-2018-15454

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201810-1569

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201810-1569

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-008979

EXPLOIT AVAILABILITY

sources: CERT/CC: VU#339704

PATCH

title:Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos

Trust: 0.8

title:Cisco: Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20181031-asaftd-sip-dos

Trust: 0.1

title:Threatposturl:https://threatpost.com/cisco-fixes-critical-flaw-in-wireless-vpn-firewall-routers/142284/

Trust: 0.1

title:Threatposturl:https://threatpost.com/cisco-security-appliance-zero-day-found-actively-exploited-in-the-wild/138763/

Trust: 0.1

title:BleepingComputerurl:https://www.bleepingcomputer.com/news/security/attackers-use-zero-day-that-can-restart-cisco-security-appliances/

Trust: 0.1

sources: VULMON: CVE-2018-15454 // JVNDB: JVNDB-2018-008979

EXTERNAL IDS

db:NVDid:CVE-2018-15454

Trust: 2.9

db:BIDid:105768

Trust: 2.1

db:SECTRACKid:1042129

Trust: 1.8

db:CERT/CCid:VU#339704

Trust: 1.7

db:JVNid:JVNVU93926212

Trust: 0.8

db:JVNDBid:JVNDB-2018-008979

Trust: 0.8

db:CNNVDid:CNNVD-201810-1569

Trust: 0.7

db:VULHUBid:VHN-125715

Trust: 0.1

db:VULMONid:CVE-2018-15454

Trust: 0.1

sources: CERT/CC: VU#339704 // VULHUB: VHN-125715 // VULMON: CVE-2018-15454 // BID: 105768 // JVNDB: JVNDB-2018-008979 // CNNVD: CNNVD-201810-1569 // NVD: CVE-2018-15454

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181031-asaftd-sip-dos

Trust: 2.9

url:http://www.securityfocus.com/bid/105768

Trust: 1.9

url:http://www.securitytracker.com/id/1042129

Trust: 1.8

url:https://www.kb.cert.org/vuls/id/339704

Trust: 0.9

url:https://www.cisco.com/c/en/us/products/security/adaptive-security-appliance-asa-software/index.html

Trust: 0.8

url:https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/212420-configure-firepower-threat-defense-ftd.html

Trust: 0.8

url:https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/configuration/firewall/asa-96-firewall-config/inspect-voicevideo.html#id-2096-00000613

Trust: 0.8

url:https://www.cisco.com/c/en/us/td/docs/security/asa/asa99/configuration/firewall/asa-99-firewall-config/inspect-voicevideo.pdf

Trust: 0.8

url:https://en.wikipedia.org/wiki/session_initiation_protocol

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15454

Trust: 0.8

url:https://jvn.jp/vu/jvnvu93926212/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-15454

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CERT/CC: VU#339704 // VULHUB: VHN-125715 // VULMON: CVE-2018-15454 // BID: 105768 // JVNDB: JVNDB-2018-008979 // CNNVD: CNNVD-201810-1569 // NVD: CVE-2018-15454

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) has become aware of active exploitation of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201810-1569

SOURCES

db:CERT/CCid:VU#339704
db:VULHUBid:VHN-125715
db:VULMONid:CVE-2018-15454
db:BIDid:105768
db:JVNDBid:JVNDB-2018-008979
db:CNNVDid:CNNVD-201810-1569
db:NVDid:CVE-2018-15454

LAST UPDATE DATE

2024-09-09T23:03:29.219000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#339704date:2018-11-05T00:00:00
db:VULHUBid:VHN-125715date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-15454date:2019-10-09T00:00:00
db:BIDid:105768date:2018-10-31T00:00:00
db:JVNDBid:JVNDB-2018-008979date:2018-11-05T00:00:00
db:CNNVDid:CNNVD-201810-1569date:2019-10-17T00:00:00
db:NVDid:CVE-2018-15454date:2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:CERT/CCid:VU#339704date:2018-11-01T00:00:00
db:VULHUBid:VHN-125715date:2018-11-01T00:00:00
db:VULMONid:CVE-2018-15454date:2018-11-01T00:00:00
db:BIDid:105768date:2018-10-31T00:00:00
db:JVNDBid:JVNDB-2018-008979date:2018-11-05T00:00:00
db:CNNVDid:CNNVD-201810-1569date:2018-11-02T00:00:00
db:NVDid:CVE-2018-15454date:2018-11-01T12:29:00.190