ID

VAR-201905-0765


CVE

CVE-2018-15462


TITLE

Cisco Firepower Threat Defense Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015298

DESCRIPTION

A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device. Cisco Firepower Threat Defense (FTD) The software contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Exploiting this issue allows remote attackers to cause a denial-of-service condition due to increase in CPU and memory usage. This issue is being tracked by Cisco Bug ID CSCvf95761, CSCvg76064, CSCvk35736, CSCvn51149

Trust: 1.98

sources: NVD: CVE-2018-15462 // JVNDB: JVNDB-2018-015298 // BID: 108178 // VULHUB: VHN-125724

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.3.0.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.3.0

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense virtualscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:firepower security appliancesscope:eqversion:93000

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:41000

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:21000

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:series industrial security appliancesscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.3.0.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.2.3.12

Trust: 0.3

sources: BID: 108178 // JVNDB: JVNDB-2018-015298 // NVD: CVE-2018-15462

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-15462
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2018-15462
value: HIGH

Trust: 1.0

NVD: CVE-2018-15462
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-006
value: HIGH

Trust: 0.6

VULHUB: VHN-125724
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-15462
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-125724
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-15462
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2018-15462
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-125724 // JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006 // NVD: CVE-2018-15462 // NVD: CVE-2018-15462

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:CWE-770

Trust: 1.1

sources: VULHUB: VHN-125724 // JVNDB: JVNDB-2018-015298 // NVD: CVE-2018-15462

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-006

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201905-006

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015298

PATCH

title:cisco-sa-20190501-firepower-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos

Trust: 0.8

title:Cisco Firepower Threat Defense Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92157

Trust: 0.6

sources: JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006

EXTERNAL IDS

db:NVDid:CVE-2018-15462

Trust: 2.8

db:BIDid:108178

Trust: 2.0

db:JVNDBid:JVNDB-2018-015298

Trust: 0.8

db:AUSCERTid:ESB-2019.1516

Trust: 0.6

db:CNNVDid:CNNVD-201905-006

Trust: 0.6

db:VULHUBid:VHN-125724

Trust: 0.1

sources: VULHUB: VHN-125724 // BID: 108178 // JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006 // NVD: CVE-2018-15462

REFERENCES

url:http://www.securityfocus.com/bid/108178

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-firepower-dos

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2018-15462

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15462

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-ftd-cmd-inject

Trust: 0.6

url:https://www.auscert.org.au/bulletins/80106

Trust: 0.6

sources: VULHUB: VHN-125724 // BID: 108178 // JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006 // NVD: CVE-2018-15462

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108178 // CNNVD: CNNVD-201905-006

SOURCES

db:VULHUBid:VHN-125724
db:BIDid:108178
db:JVNDBid:JVNDB-2018-015298
db:CNNVDid:CNNVD-201905-006
db:NVDid:CVE-2018-15462

LAST UPDATE DATE

2024-08-14T13:45:04.864000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-125724date:2019-10-03T00:00:00
db:BIDid:108178date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2018-015298date:2019-05-23T00:00:00
db:CNNVDid:CNNVD-201905-006date:2019-10-08T00:00:00
db:NVDid:CVE-2018-15462date:2019-10-03T00:03:26.223

SOURCES RELEASE DATE

db:VULHUBid:VHN-125724date:2019-05-03T00:00:00
db:BIDid:108178date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2018-015298date:2019-05-23T00:00:00
db:CNNVDid:CNNVD-201905-006date:2019-05-01T00:00:00
db:NVDid:CVE-2018-15462date:2019-05-03T15:29:00.290