Details of VAR-201905-0765

ID

VAR-201905-0765

CVE

CVE-2018-15462

TITLE

Cisco Firepower Threat Defense Software resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015298

DESCRIPTION

A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device. Cisco Firepower Threat Defense (FTD) The software contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Exploiting this issue allows remote attackers to cause a denial-of-service condition due to increase in CPU and memory usage. This issue is being tracked by Cisco Bug ID CSCvf95761, CSCvg76064, CSCvk35736, CSCvn51149

Trust: 1.98

sources: NVD: CVE-2018-15462 // JVNDB: JVNDB-2018-015298 // BID: 108178 // VULHUB: VHN-125724

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense virtual	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower security appliances	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	21000	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	series industrial security appliances	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.12	Trust: 0.3

sources: BID: 108178 // JVNDB: JVNDB-2018-015298 // NVD: CVE-2018-15462

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-15462
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2018-15462
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-15462
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-006
value:	HIGH
Trust: 0.6
VULHUB:	VHN-125724
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-15462
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-125724
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-15462
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2018-15462
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-125724 // JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006 // NVD: CVE-2018-15462 // NVD: CVE-2018-15462

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	CWE-770	Trust: 1.1

sources: VULHUB: VHN-125724 // JVNDB: JVNDB-2018-015298 // NVD: CVE-2018-15462

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-006

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201905-006

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015298

PATCH

title:	cisco-sa-20190501-firepower-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos	Trust: 0.8
title:	Cisco Firepower Threat Defense Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92157	Trust: 0.6

sources: JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006

EXTERNAL IDS

db:	NVD	id:	CVE-2018-15462	Trust: 2.8
db:	BID	id:	108178	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-015298	Trust: 0.8
db:	AUSCERT	id:	ESB-2019.1516	Trust: 0.6
db:	CNNVD	id:	CNNVD-201905-006	Trust: 0.6
db:	VULHUB	id:	VHN-125724	Trust: 0.1

sources: VULHUB: VHN-125724 // BID: 108178 // JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006 // NVD: CVE-2018-15462

REFERENCES

url:	http://www.securityfocus.com/bid/108178	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-firepower-dos	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2018-15462	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15462	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-ftd-cmd-inject	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80106	Trust: 0.6

sources: VULHUB: VHN-125724 // BID: 108178 // JVNDB: JVNDB-2018-015298 // CNNVD: CNNVD-201905-006 // NVD: CVE-2018-15462

CREDITS

Cisco.

Trust: 0.9

sources: BID: 108178 // CNNVD: CNNVD-201905-006

SOURCES

db:	VULHUB	id:	VHN-125724
db:	BID	id:	108178
db:	JVNDB	id:	JVNDB-2018-015298
db:	CNNVD	id:	CNNVD-201905-006
db:	NVD	id:	CVE-2018-15462

LAST UPDATE DATE

2024-08-14T13:45:04.864000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-125724	date:	2019-10-03T00:00:00
db:	BID	id:	108178	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-015298	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-006	date:	2019-10-08T00:00:00
db:	NVD	id:	CVE-2018-15462	date:	2019-10-03T00:03:26.223

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-125724	date:	2019-05-03T00:00:00
db:	BID	id:	108178	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2018-015298	date:	2019-05-23T00:00:00
db:	CNNVD	id:	CNNVD-201905-006	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2018-15462	date:	2019-05-03T15:29:00.290