{
  "document": {
    "acknowledgments": [
      {
        "organization": "Rockwell Automation",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Wisconsin, USA",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-184-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-184-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-184-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
      }
    ],
    "title": "Rockwell Automation Allen-Bradley Stratix 5950",
    "tracking": {
      "current_release_date": "2018-07-03T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-184-01",
      "initial_release_date": "2018-07-03T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-07-03T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-184-01 Rockwell Automation Allen-Bradley Stratix 5950"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD4T0SBK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SBK9",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD2T2SPK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SPK9",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD4T0SPK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SPK9",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD2T2SBK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SBK9",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          }
        ],
        "category": "vendor",
        "name": "Rockwell Automation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-0228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the ingress flow creation functionality of the Cisco ASA could allow an unauthenticated, remote threat actor to cause the CPU to increase upwards of 100 percent utilization, causing a denial-of-service (DoS) condition on an affected system.CVE-2018-0228 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0228"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0228 \u2014 The ASA and FTD configuration commands\u2014set connection per-client-embryonic-max (TCP) and set connection per-client-max (TCP, UDP, and Stream Control Transmission Protocol [SCTP])\u2014can be configured to limit the number of connection requests allowed. Using these configuration parameters can reduce the number of connections and greatly reduce the impact of the DoS attack.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0227",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for the Cisco ASA could allow an unauthenticated, remote threat actor to establish an SSL VPN connection and bypass certain SSL certificate verification steps.CVE-2018-0227 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0227"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0227 \u2014 No workarounds available",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0231",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the Transport Layer Security library of the Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote threat actor to trigger a reload of the affected device, resulting in a DoS condition.CVE-2018-0231 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0231"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0231 \u2014 No workarounds available",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0240",
      "cwe": {
        "id": "CWE-841",
        "name": "Improper Enforcement of Behavioral Workflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of the Cisco ASA Software and Cisco FTD Software could allow an unauthenticated, remote threat actor to trigger a reload of an affected device, resulting in a DoS condition.CVE-2018-0240 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0240"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0240 \u2014 No workarounds available",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0296",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the web interface of the Cisco ASA could allow an unauthenticated, remote threat actor to cause an affected device to reload unexpectedly, resulting in a DoS condition. It is also possible on certain software releases that the ASA will not reload, but a threat actor could view sensitive system information without authentication by using directory traversal techniques.CVE-2018-0296 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0296"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0296 \u2014 Cisco has released Snort Rule 46897",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.cisco.com/web/software/286271056/117258/sf-rules-2018-06-07-new.html"
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Rockwell Automation",
        "summary": "reporting these vulnerabilities to NCCIC"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Wisconsin, USA",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target these vulnerabilities.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-184-01 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-184-01.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-18-184-01 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
      }
    ],
    "title": "Rockwell Automation Allen-Bradley Stratix 5950",
    "tracking": {
      "current_release_date": "2018-07-03T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-18-184-01",
      "initial_release_date": "2018-07-03T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2018-07-03T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "ICSA-18-184-01 Rockwell Automation Allen-Bradley Stratix 5950"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD4T0SBK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SBK9",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD2T2SPK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SPK9",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD4T0SPK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SPK9",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1783-SAD2T2SBK9",
                "product": {
                  "name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SBK9",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "Allen-Bradley Stratix 5950"
          }
        ],
        "category": "vendor",
        "name": "Rockwell Automation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-0228",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the ingress flow creation functionality of the Cisco ASA could allow an unauthenticated, remote threat actor to cause the CPU to increase upwards of 100 percent utilization, causing a denial-of-service (DoS) condition on an affected system.CVE-2018-0228 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0228"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0228 \u2014 The ASA and FTD configuration commands\u2014set connection per-client-embryonic-max (TCP) and set connection per-client-max (TCP, UDP, and Stream Control Transmission Protocol [SCTP])\u2014can be configured to limit the number of connection requests allowed. Using these configuration parameters can reduce the number of connections and greatly reduce the impact of the DoS attack.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0227",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for the Cisco ASA could allow an unauthenticated, remote threat actor to establish an SSL VPN connection and bypass certain SSL certificate verification steps.CVE-2018-0227 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0227"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0227 \u2014 No workarounds available",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0231",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the Transport Layer Security library of the Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote threat actor to trigger a reload of the affected device, resulting in a DoS condition.CVE-2018-0231 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0231"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0231 \u2014 No workarounds available",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0240",
      "cwe": {
        "id": "CWE-841",
        "name": "Improper Enforcement of Behavioral Workflow"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of the Cisco ASA Software and Cisco FTD Software could allow an unauthenticated, remote threat actor to trigger a reload of an affected device, resulting in a DoS condition.CVE-2018-0240 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0240"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0240 \u2014 No workarounds available",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    },
    {
      "cve": "CVE-2018-0296",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the web interface of the Cisco ASA could allow an unauthenticated, remote threat actor to cause an affected device to reload unexpectedly, resulting in a DoS condition. It is also possible on certain software releases that the ASA will not reload, but a threat actor could view sensitive system information without authentication by using directory traversal techniques.CVE-2018-0296 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0296"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "CVE-2018-0296 \u2014 Cisco has released Snort Rule 46897",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://www.cisco.com/web/software/286271056/117258/sf-rules-2018-06-07-new.html"
        },
        {
          "category": "mitigation",
          "details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    }
  ]
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0BDC88FF-EC1E-4DE6-AF24-ED5FA6F23A36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:98.1\\(1.154\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B70B5017-9388-4BE6-82DD-18FE5E02A2E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21752F70-F117-4BEE-AF64-3A0A7999E9EC",
              "versionEndExcluding": "6.1.0.6",
              "versionStartIncluding": "6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23649FB2-22EB-48EB-A05E-FD38916F0C04",
              "versionEndExcluding": "6.2.2.1",
              "versionStartIncluding": "6.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la biblioteca Transport Layer Security (TLS) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00eda permitir que un atacante remoto no autenticado desencadene una recarga del dispositivo afectado, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de las entradas realizadas por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un mensaje TLS malicioso a una interfaz habilitada para los servicios SSL (Secure Sockets Layer) en un dispositivo afectado. Los mensajes que empleen la versi\u00f3n 3 (SSLv3) o la versi\u00f3n 2 (SSLv2) de SSL no pueden emplearse para explotar esta vulnerabilidad. Su explotaci\u00f3n podr\u00eda permitir que el atacante provoque un subdesbordamiento de b\u00fafer, desencadenando un cierre inesperado en el dispositivo afectado. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco FTD Software que se ejecutan en los siguientes productos de Cisco: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv) y Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
    }
  ],
  "id": "CVE-2018-0231",
  "lastModified": "2024-11-21T03:37:47.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.533",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040725"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "document": {
    "acknowledgments": [
      {
        "summary": "This vulnerability was found during the resolution of a Cisco TAC support case."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition.\r\n\r\nThe vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\nThis advisory is available at the following link:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3 [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3\"]",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products:\r\n\r\nAdaptive Security Virtual Appliance (ASAv)\r\nFirepower Threat Defense Virtual (FTDv)\r\nFirepower 2100 Series Security Appliance\r\n ASA Software Cisco ASA Software is only vulnerable if running software version 9.2 or later.\r\n\r\nIn the following table, the left column lists the vulnerable Cisco ASA features. The right column indicates the vulnerable configuration from the CLI command show running-config, if it can be determined.\r\n\r\n                           Feature             Vulnerable Configuration\r\n                                         Adaptive Security Device Manager (ASDM)1\r\n             http server enable \u003cport\u003e\r\nhttp \u003cremote_ip_address\u003e \u003cremote_subnet_mask\u003e \u003cinterface_name\u003e                                AnyConnect SSL VPN             webvpn\r\n  enable \u003cinterface_name\u003e                                Cisco Security Manager2             http server enable \u003cport\u003e\r\nhttp \u003cremote_ip_address\u003e \u003cremote_subnet_mask\u003e \u003cinterface_name\u003e                                 Clientless SSL VPN             webvpn\r\n    enable \u003cinterface_name\u003e                                Mobile User Security (MUS)             webvpn\r\n  mus password \u003cpassword\u003e\r\n  mus server enable port \u003cport #\u003e\r\n  mus \u003caddress\u003e \u003cmask\u003e \u003cinterface_name\u003e                                Security Assertion Markup Language (SAML) Single Sign-On (SSO)3             N/A\r\n1 ASDM is vulnerable only from an IP address in the configured http command range.\r\n2 Cisco Security Manager is vulnerable only from an IP address in the configured http command range.\r\n3 SAML SSO is first supported as of software release 9.6.\r\n Determining the Cisco ASA Software Release  To determine whether a vulnerable version of Cisco ASA Software is running on a device, administrators can use the show version command in the CLI. The following example shows the output of the command for a device that is running Cisco ASA Software Release 9.7(1)4:\r\nciscoasa# show version | include Version\r\nCisco Adaptive Security Appliance Software Version 9.7(1)4  Firepower Extensible Operating System Version 2.1(1.66)  Baseboard Management Controller (revision 0x1) Firmware Version: 2.4\r\n    Customers who use Cisco Adaptive Security Device Manager (ASDM) to manage devices can locate the software release in the table that appears in the login window or the upper-left corner of the Cisco ASDM window. FTD Software The FTD Software is only vulnerable if running software versions 6.0, 6.0.1, 6.1.0, 6.2.1, or 6.2.2 prior to their respective first fixed releases.\r\n\r\nIn the following table, the left column lists the vulnerable Cisco FTD features. The right column indicates the vulnerable configuration from the CLI command show running-config, if it can be determined.\r\n\r\n                           Feature             Vulnerable Configuration\r\n                                         HTTP Service enabled1             http server enable \u003cport #\u003e\r\nhttp \u003cremote_ip_address\u003e \u003cremote_subnet_mask\u003e \u003cinterface_name\u003e                               AnyConnect SSL VPN2,3             webvpn\r\n   enable \u003cinterface_name\u003e\r\n1 The HTTP feature is enabled via the Firepower Threat Defense Platform Settings \u003e HTTP configuration page on the Firepower Management Console (FMC).\r\n2 Remote Access VPN features are enabled via the Devices \u003e VPN \u003e Remote Access configuration page on the FMC or via the Device \u003e Remote Access VPN configuration page on the Firepower Device Manager (FDM).\r\n3 Remote Access VPN features are first supported as of software release 6.2.1.\r\n Determining the Cisco FTD Software Release\r\nTo determine which Cisco FTD Software release is running on a device, administrators can log in to the device and use the show version command in the CLI. The following example shows the output of the command for a device that is running Cisco FTD Software Release 6.2.2:\r\n\r\n\r\n\u003e show version\r\n  ------------------[ ftd ]-----------------------\r\nModel : Cisco Firepower 2130 Threat Defense (77) Version 6.2.2 (Build 81)\r\nUUID : 0cd3595a-7efa-11e7-aaa1-ee3989c8bf25\r\nRules update version : 2017-12-20-001-vrt\r\nVDB version : 290\r\n----------------------------------------------------",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "No other Cisco products are currently known to be affected by this vulnerability.",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:\r\nhttps://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n\r\nCustomers Without Service Contracts\r\n\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:\r\nhttps://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n Fixed Releases  Customers should upgrade to an appropriate release as indicated in the table(s) in this section. To help ensure a complete upgrade solution, consider that this advisory is part of a collection that includes the following advisories:\r\n\r\n      cisco-sa-20180418-asa1 [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1\"]: Cisco Adaptive Security Appliance SSL Certificate Bypass Vulnerability\r\n      cisco-sa-20180418-asa2 [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2018418-asa2\"]: Cisco Adaptive Security Appliance Flow Creation Denial of Service Vulnerability\r\n      cisco-sa-20180418-asa3 [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3\"]: Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability\r\ncisco-sa-20180418-asaanyconnect [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect\"]: Cisco ASA Software, FTD Software, and AnyConnect Secure Mobility Client SAML Authentication Session Fixation Vulnerability\r\ncisco-sa-20180418-asa_inspect [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect\"]: Cisco Adaptive Security Appliance Application Layer Protocol Inspection Denial of Service Vulnerability\r\n  In the following table(s), the left column lists major releases of Cisco software. The center column indicates whether a major release is affected by the vulnerability described in this advisory and the first minor release that includes the fix for this vulnerability. The right column indicates whether a major release is affected by all the vulnerabilities described in this collection of advisories and the current recommended release for those vulnerabilities. ASA Software                            Cisco ASA Major Release              First Fixed Release for This Vulnerability\r\n             Recommended Fixed Release for All the Vulnerabilities Described in this Collection of Advisories\r\n                                         Prior to 9.11\r\n             Not vulnerable\r\n             9.1.7.20                               9.1              Not vulnerable              9.1.7.20                               9.2             9.2.4.27             9.2.4.27                               9.31             Migrate to 9.4.4.13\r\n             9.4.4.14                               9.4             9.4.4.13             9.4.4.14                               9.51             Migrate to 9.6.3.20\r\n             9.6.4.6                               9.6             9.6.3.20             9.6.4.6                               9.7             9.7.1.16             9.7.1.24                               9.8             9.8.2.14             9.8.2.28                                9.9             Not vulnerable\r\n             9.9.2.1\r\n1 Cisco ASA Software releases prior to 9.1 and ASA releases 9.3 and 9.5 have reached End of Software Maintenance. Customers should migrate to a supported release.\r\n\r\nThe software is available for download from Cisco Software Center [\"https://software.cisco.com/download/navigator.html\"] by navigating to Products \u003e Security \u003e Firewalls \u003e Adaptive Security Appliances (ASA) \u003e ASA 5500-X Series Firewalls where there is a list of ASA hardware platforms. The majority of these software releases are listed under Interim. FTD Software                            Cisco FTD Major Release\r\n             First Fixed Release for This Vulnerability\r\n             Recommended Fixed Release for All the Vulnerabilities Described in this Collection of Advisories\r\n                                         6.0             Migrate to 6.1.0.6\r\n             Cisco_FTD_SSP_Hotfix_EI-6.1.0.7-2.sh (41xx and 9300 FTD hardware platform)\r\n\r\nCisco_FTD_Hotfix_EI-6.1.0.7-2.sh  (All FTD hardware platforms except 41xx and 9300)                               6.0.1             Migrate to 6.1.0.6\r\n             Cisco_FTD_SSP_Hotfix_EI-6.1.0.7-2.sh (41xx and 9300 FTD hardware platform)\r\n\r\nCisco_FTD_Hotfix_EI-6.1.0.7-2.sh  (All FTD hardware platforms except 41xx and 9300)                               6.1.0             6.1.0.6             Cisco_FTD_SSP_Hotfix_EI-6.1.0.7-2.sh (41xx and 9300 FTD hardware platform)\r\n\r\nCisco_FTD_Hotfix_EI-6.1.0.7-2.sh  (All FTD hardware platforms except 41xx and 9300)                               6.2.0             Not vulnerable1\r\n             6.2.0.5                               6.2.1             Migrate to 6.2.2.1             Cisco_FTD_SSP_Hotfix_BD-6.2.2.3-4.sh.REL.tar (41xx and 9300 FTD hardware platforms)\r\n\r\nCisco_FTD_SSP_FP2K_Hotfix_BD-6.2.2.3-4.sh.REL.tar (21xx FTD hardware platform)\r\n\r\nCisco_FTD_Hotfix_BD-6.2.2.3-4.sh.REL.tar (All other FTD hardware platforms)                               6.2.2             6.2.2.1             Cisco_FTD_SSP_Hotfix_BD-6.2.2.3-4.sh.REL.tar (41xx and 9300 FTD hardware platforms)\r\n\r\nCisco_FTD_SSP_FP2K_Hotfix_BD-6.2.2.3-4.sh.REL.tar (21xx FTD hardware platform)\r\n\r\nCisco_FTD_Hotfix_BD-6.2.2.3-4.sh.REL.tar (All other FTD hardware platforms)                               6.2.3             Not vulnerable\r\n             Cisco_FTD_SSP_Hotfix_A-6.2.3.1-10.sh.REL.tar (41xx and 9300 FTD hardware platforms)\r\n\r\nCisco_FTD_SSP_FP2K_Hotfix_A-6.2.3.1-10.sh.REL.tar (21xx FTD hardware platform)\r\n\r\nCisco_FTD_Hotfix_A-6.2.3.1-10.sh.REL.tar (All other FTD hardware platforms)\r\n1 Cisco FTD Software release 6.2.0 introduced a new HTTP server and thus the attack vector via the HTTP Service no longer applies.\r\n\r\nThe software is available for download from Cisco Software Center [\"https://software.cisco.com/download/navigator.html\"] by navigating to Products \u003e Security \u003e Firewalls\u003e Next-Generation Firewalls (NGFW) where there is a list of possible FTD hardware platforms.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "This vulnerability was found during the resolution of a Cisco TAC support case.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Emergency Support:\r\n+1 877 228 7302 (toll-free within North America)\r\n+1 408 525 6532 (International direct-dial)\r\nNon-emergency Support:\r\nEmail: psirt@cisco.com\r\nSupport requests that are received via e-mail are typically acknowledged within 48 hours.",
      "issuing_authority": "Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.\r\nMore information can be found in Cisco Security Vulnerability Policy available at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
      },
      {
        "category": "external",
        "summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
        "url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories and Alerts page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
        "url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
      },
      {
        "category": "external",
        "summary": "cisco-sa-20180418-asa1",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1"
      },
      {
        "category": "external",
        "summary": "cisco-sa-20180418-asa2",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2018418-asa2"
      },
      {
        "category": "external",
        "summary": "cisco-sa-20180418-asa3",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
      },
      {
        "category": "external",
        "summary": "cisco-sa-20180418-asaanyconnect",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect"
      },
      {
        "category": "external",
        "summary": "cisco-sa-20180418-asa_inspect",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect"
      },
      {
        "category": "external",
        "summary": "Software Center",
        "url": "https://software.cisco.com/download/navigator.html"
      },
      {
        "category": "external",
        "summary": "Software Center",
        "url": "https://software.cisco.com/download/navigator.html"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability",
    "tracking": {
      "current_release_date": "2018-04-18T16:00:00+00:00",
      "generator": {
        "date": "2022-09-03T02:58:23+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-20180418-asa3",
      "initial_release_date": "2018-04-18T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2018-04-18T15:40:16+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.2.1",
                    "product": {
                      "name": "9.2.1",
                      "product_id": "CSAFPID-202938"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.2",
                    "product": {
                      "name": "9.2.2",
                      "product_id": "CSAFPID-202946"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.2.4",
                    "product": {
                      "name": "9.2.2.4",
                      "product_id": "CSAFPID-202947"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.2.7",
                    "product": {
                      "name": "9.2.2.7",
                      "product_id": "CSAFPID-202948"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.3",
                    "product": {
                      "name": "9.2.3",
                      "product_id": "CSAFPID-202949"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.2.8",
                    "product": {
                      "name": "9.2.2.8",
                      "product_id": "CSAFPID-204544"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.3.3",
                    "product": {
                      "name": "9.2.3.3",
                      "product_id": "CSAFPID-206489"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.3.4",
                    "product": {
                      "name": "9.2.3.4",
                      "product_id": "CSAFPID-206490"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4",
                    "product": {
                      "name": "9.2.4",
                      "product_id": "CSAFPID-210984"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.2",
                    "product": {
                      "name": "9.2.4.2",
                      "product_id": "CSAFPID-212707"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.4",
                    "product": {
                      "name": "9.2.4.4",
                      "product_id": "CSAFPID-212708"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.8",
                    "product": {
                      "name": "9.2.4.8",
                      "product_id": "CSAFPID-221001"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.10",
                    "product": {
                      "name": "9.2.4.10",
                      "product_id": "CSAFPID-221002"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.13",
                    "product": {
                      "name": "9.2.4.13",
                      "product_id": "CSAFPID-221003"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.14",
                    "product": {
                      "name": "9.2.4.14",
                      "product_id": "CSAFPID-221004"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.16",
                    "product": {
                      "name": "9.2.4.16",
                      "product_id": "CSAFPID-221005"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.17",
                    "product": {
                      "name": "9.2.4.17",
                      "product_id": "CSAFPID-221006"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.18",
                    "product": {
                      "name": "9.2.4.18",
                      "product_id": "CSAFPID-224844"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.19",
                    "product": {
                      "name": "9.2.4.19",
                      "product_id": "CSAFPID-224845"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.5",
                    "product": {
                      "name": "9.2.4.5",
                      "product_id": "CSAFPID-232597"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.20",
                    "product": {
                      "name": "9.2.4.20",
                      "product_id": "CSAFPID-232598"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.22",
                    "product": {
                      "name": "9.2.4.22",
                      "product_id": "CSAFPID-232599"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.24",
                    "product": {
                      "name": "9.2.4.24",
                      "product_id": "CSAFPID-232600"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.2.4.25",
                    "product": {
                      "name": "9.2.4.25",
                      "product_id": "CSAFPID-232913"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.2"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.3.1",
                    "product": {
                      "name": "9.3.1",
                      "product_id": "CSAFPID-202940"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.1.1",
                    "product": {
                      "name": "9.3.1.1",
                      "product_id": "CSAFPID-202944"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.2",
                    "product": {
                      "name": "9.3.2",
                      "product_id": "CSAFPID-202945"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.2.2",
                    "product": {
                      "name": "9.3.2.2",
                      "product_id": "CSAFPID-206487"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3",
                    "product": {
                      "name": "9.3.3",
                      "product_id": "CSAFPID-206488"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.5",
                    "product": {
                      "name": "9.3.5",
                      "product_id": "CSAFPID-210985"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.1",
                    "product": {
                      "name": "9.3.3.1",
                      "product_id": "CSAFPID-211050"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.2",
                    "product": {
                      "name": "9.3.3.2",
                      "product_id": "CSAFPID-211057"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.5",
                    "product": {
                      "name": "9.3.3.5",
                      "product_id": "CSAFPID-211058"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.6",
                    "product": {
                      "name": "9.3.3.6",
                      "product_id": "CSAFPID-212706"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.9",
                    "product": {
                      "name": "9.3.3.9",
                      "product_id": "CSAFPID-221007"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.10",
                    "product": {
                      "name": "9.3.3.10",
                      "product_id": "CSAFPID-221008"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.11",
                    "product": {
                      "name": "9.3.3.11",
                      "product_id": "CSAFPID-221009"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.3.3.7",
                    "product": {
                      "name": "9.3.3.7",
                      "product_id": "CSAFPID-232596"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.3"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.4.1",
                    "product": {
                      "name": "9.4.1",
                      "product_id": "CSAFPID-206486"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.0.115",
                    "product": {
                      "name": "9.4.0.115",
                      "product_id": "CSAFPID-207900"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.1",
                    "product": {
                      "name": "9.4.1.1",
                      "product_id": "CSAFPID-208301"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.2",
                    "product": {
                      "name": "9.4.2",
                      "product_id": "CSAFPID-210986"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.5",
                    "product": {
                      "name": "9.4.1.5",
                      "product_id": "CSAFPID-211054"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.3",
                    "product": {
                      "name": "9.4.1.3",
                      "product_id": "CSAFPID-211055"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.2",
                    "product": {
                      "name": "9.4.1.2",
                      "product_id": "CSAFPID-211056"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.2.3",
                    "product": {
                      "name": "9.4.2.3",
                      "product_id": "CSAFPID-212705"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3",
                    "product": {
                      "name": "9.4.3",
                      "product_id": "CSAFPID-221010"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3.3",
                    "product": {
                      "name": "9.4.3.3",
                      "product_id": "CSAFPID-221011"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3.4",
                    "product": {
                      "name": "9.4.3.4",
                      "product_id": "CSAFPID-221012"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3.6",
                    "product": {
                      "name": "9.4.3.6",
                      "product_id": "CSAFPID-221013"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3.8",
                    "product": {
                      "name": "9.4.3.8",
                      "product_id": "CSAFPID-221014"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3.11",
                    "product": {
                      "name": "9.4.3.11",
                      "product_id": "CSAFPID-221015"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.3.12",
                    "product": {
                      "name": "9.4.3.12",
                      "product_id": "CSAFPID-221016"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4",
                    "product": {
                      "name": "9.4.4",
                      "product_id": "CSAFPID-221017"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.2",
                    "product": {
                      "name": "9.4.4.2",
                      "product_id": "CSAFPID-224847"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.5",
                    "product": {
                      "name": "9.4.4.5",
                      "product_id": "CSAFPID-231291"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.6",
                    "product": {
                      "name": "9.4.4.6",
                      "product_id": "CSAFPID-231292"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.8",
                    "product": {
                      "name": "9.4.4.8",
                      "product_id": "CSAFPID-231293"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.10",
                    "product": {
                      "name": "9.4.4.10",
                      "product_id": "CSAFPID-231294"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.12",
                    "product": {
                      "name": "9.4.4.12",
                      "product_id": "CSAFPID-231295"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.2.6",
                    "product": {
                      "name": "9.4.2.6",
                      "product_id": "CSAFPID-232594"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.2.11",
                    "product": {
                      "name": "9.4.2.11",
                      "product_id": "CSAFPID-232595"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.4.16",
                    "product": {
                      "name": "9.4.4.16",
                      "product_id": "CSAFPID-232911"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.13",
                    "product": {
                      "name": "9.4.1.13",
                      "product_id": "CSAFPID-232912"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.7",
                    "product": {
                      "name": "9.4.1.7",
                      "product_id": "CSAFPID-236035"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.4.1.8",
                    "product": {
                      "name": "9.4.1.8",
                      "product_id": "CSAFPID-236036"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.4"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.5.1",
                    "product": {
                      "name": "9.5.1",
                      "product_id": "CSAFPID-212614"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.2",
                    "product": {
                      "name": "9.5.2",
                      "product_id": "CSAFPID-212704"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.2.6",
                    "product": {
                      "name": "9.5.2.6",
                      "product_id": "CSAFPID-221018"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.2.10",
                    "product": {
                      "name": "9.5.2.10",
                      "product_id": "CSAFPID-221019"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.2.14",
                    "product": {
                      "name": "9.5.2.14",
                      "product_id": "CSAFPID-221020"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.3",
                    "product": {
                      "name": "9.5.3",
                      "product_id": "CSAFPID-221021"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.3.2",
                    "product": {
                      "name": "9.5.3.2",
                      "product_id": "CSAFPID-221022"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.3.3",
                    "product": {
                      "name": "9.5.3.3",
                      "product_id": "CSAFPID-221023"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.3.1",
                    "product": {
                      "name": "9.5.3.1",
                      "product_id": "CSAFPID-224849"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.3.6",
                    "product": {
                      "name": "9.5.3.6",
                      "product_id": "CSAFPID-224850"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.3.9",
                    "product": {
                      "name": "9.5.3.9",
                      "product_id": "CSAFPID-231298"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.2.5",
                    "product": {
                      "name": "9.5.2.5",
                      "product_id": "CSAFPID-232593"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.2.2",
                    "product": {
                      "name": "9.5.2.2",
                      "product_id": "CSAFPID-235909"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.5.1.4",
                    "product": {
                      "name": "9.5.1.4",
                      "product_id": "CSAFPID-236039"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.5"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.6.0",
                    "product": {
                      "name": "9.6.0",
                      "product_id": "CSAFPID-220691"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.1",
                    "product": {
                      "name": "9.6.1",
                      "product_id": "CSAFPID-220692"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.1.3",
                    "product": {
                      "name": "9.6.1.3",
                      "product_id": "CSAFPID-221024"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.1.5",
                    "product": {
                      "name": "9.6.1.5",
                      "product_id": "CSAFPID-221025"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.1.10",
                    "product": {
                      "name": "9.6.1.10",
                      "product_id": "CSAFPID-221026"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2",
                    "product": {
                      "name": "9.6.2",
                      "product_id": "CSAFPID-221027"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.1",
                    "product": {
                      "name": "9.6.2.1",
                      "product_id": "CSAFPID-221028"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.2",
                    "product": {
                      "name": "9.6.2.2",
                      "product_id": "CSAFPID-221029"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.3",
                    "product": {
                      "name": "9.6.2.3",
                      "product_id": "CSAFPID-221030"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.7",
                    "product": {
                      "name": "9.6.2.7",
                      "product_id": "CSAFPID-224852"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.8",
                    "product": {
                      "name": "9.6.2.8",
                      "product_id": "CSAFPID-224853"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.9",
                    "product": {
                      "name": "9.6.2.9",
                      "product_id": "CSAFPID-224854"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3",
                    "product": {
                      "name": "9.6.3",
                      "product_id": "CSAFPID-224855"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.1",
                    "product": {
                      "name": "9.6.3.1",
                      "product_id": "CSAFPID-224856"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.11",
                    "product": {
                      "name": "9.6.2.11",
                      "product_id": "CSAFPID-225986"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.3",
                    "product": {
                      "name": "9.6.3.3",
                      "product_id": "CSAFPID-231299"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.8",
                    "product": {
                      "name": "9.6.3.8",
                      "product_id": "CSAFPID-231300"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.9",
                    "product": {
                      "name": "9.6.3.9",
                      "product_id": "CSAFPID-231301"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.11",
                    "product": {
                      "name": "9.6.3.11",
                      "product_id": "CSAFPID-231302"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.12",
                    "product": {
                      "name": "9.6.3.12",
                      "product_id": "CSAFPID-231303"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.14",
                    "product": {
                      "name": "9.6.3.14",
                      "product_id": "CSAFPID-231304"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.17",
                    "product": {
                      "name": "9.6.3.17",
                      "product_id": "CSAFPID-231305"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.3.20",
                    "product": {
                      "name": "9.6.3.20",
                      "product_id": "CSAFPID-232908"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.22",
                    "product": {
                      "name": "9.6.2.22",
                      "product_id": "CSAFPID-232909"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.23",
                    "product": {
                      "name": "9.6.2.23",
                      "product_id": "CSAFPID-232910"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.6.2.13",
                    "product": {
                      "name": "9.6.2.13",
                      "product_id": "CSAFPID-235907"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.6"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.7.1",
                    "product": {
                      "name": "9.7.1",
                      "product_id": "CSAFPID-221032"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.7.1.1",
                    "product": {
                      "name": "9.7.1.1",
                      "product_id": "CSAFPID-224857"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.7.1.2",
                    "product": {
                      "name": "9.7.1.2",
                      "product_id": "CSAFPID-224858"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.7.1.4",
                    "product": {
                      "name": "9.7.1.4",
                      "product_id": "CSAFPID-232590"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.7.1.8",
                    "product": {
                      "name": "9.7.1.8",
                      "product_id": "CSAFPID-232591"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.7.1.15",
                    "product": {
                      "name": "9.7.1.15",
                      "product_id": "CSAFPID-232592"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.7"
              },
              {
                "branches": [
                  {
                    "category": "service_pack",
                    "name": "9.8.1",
                    "product": {
                      "name": "9.8.1",
                      "product_id": "CSAFPID-232585"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.8.1.5",
                    "product": {
                      "name": "9.8.1.5",
                      "product_id": "CSAFPID-232586"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.8.1.7",
                    "product": {
                      "name": "9.8.1.7",
                      "product_id": "CSAFPID-232587"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.8.2",
                    "product": {
                      "name": "9.8.2",
                      "product_id": "CSAFPID-232588"
                    }
                  },
                  {
                    "category": "service_pack",
                    "name": "9.8.2.8",
                    "product": {
                      "name": "9.8.2.8",
                      "product_id": "CSAFPID-232589"
                    }
                  }
                ],
                "category": "product_version",
                "name": "9.8"
              }
            ],
            "category": "product_family",
            "name": "Cisco Adaptive Security Appliance (ASA) Software"
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-0231",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCve18902"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCve34335"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCve38446"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-202938",
          "CSAFPID-202940",
          "CSAFPID-202944",
          "CSAFPID-202945",
          "CSAFPID-202946",
          "CSAFPID-202947",
          "CSAFPID-202948",
          "CSAFPID-202949",
          "CSAFPID-204544",
          "CSAFPID-206486",
          "CSAFPID-206487",
          "CSAFPID-206488",
          "CSAFPID-206489",
          "CSAFPID-206490",
          "CSAFPID-207900",
          "CSAFPID-208301",
          "CSAFPID-210984",
          "CSAFPID-210985",
          "CSAFPID-210986",
          "CSAFPID-211050",
          "CSAFPID-211054",
          "CSAFPID-211055",
          "CSAFPID-211056",
          "CSAFPID-211057",
          "CSAFPID-211058",
          "CSAFPID-212614",
          "CSAFPID-212704",
          "CSAFPID-212705",
          "CSAFPID-212706",
          "CSAFPID-212707",
          "CSAFPID-212708",
          "CSAFPID-220691",
          "CSAFPID-220692",
          "CSAFPID-221001",
          "CSAFPID-221002",
          "CSAFPID-221003",
          "CSAFPID-221004",
          "CSAFPID-221005",
          "CSAFPID-221006",
          "CSAFPID-221007",
          "CSAFPID-221008",
          "CSAFPID-221009",
          "CSAFPID-221010",
          "CSAFPID-221011",
          "CSAFPID-221012",
          "CSAFPID-221013",
          "CSAFPID-221014",
          "CSAFPID-221015",
          "CSAFPID-221016",
          "CSAFPID-221017",
          "CSAFPID-221018",
          "CSAFPID-221019",
          "CSAFPID-221020",
          "CSAFPID-221021",
          "CSAFPID-221022",
          "CSAFPID-221023",
          "CSAFPID-221024",
          "CSAFPID-221025",
          "CSAFPID-221026",
          "CSAFPID-221027",
          "CSAFPID-221028",
          "CSAFPID-221029",
          "CSAFPID-221030",
          "CSAFPID-221032",
          "CSAFPID-224844",
          "CSAFPID-224845",
          "CSAFPID-224847",
          "CSAFPID-224849",
          "CSAFPID-224850",
          "CSAFPID-224852",
          "CSAFPID-224853",
          "CSAFPID-224854",
          "CSAFPID-224855",
          "CSAFPID-224856",
          "CSAFPID-224857",
          "CSAFPID-224858",
          "CSAFPID-225986",
          "CSAFPID-231291",
          "CSAFPID-231292",
          "CSAFPID-231293",
          "CSAFPID-231294",
          "CSAFPID-231295",
          "CSAFPID-231298",
          "CSAFPID-231299",
          "CSAFPID-231300",
          "CSAFPID-231301",
          "CSAFPID-231302",
          "CSAFPID-231303",
          "CSAFPID-231304",
          "CSAFPID-231305",
          "CSAFPID-232585",
          "CSAFPID-232586",
          "CSAFPID-232587",
          "CSAFPID-232588",
          "CSAFPID-232589",
          "CSAFPID-232590",
          "CSAFPID-232591",
          "CSAFPID-232592",
          "CSAFPID-232593",
          "CSAFPID-232594",
          "CSAFPID-232595",
          "CSAFPID-232596",
          "CSAFPID-232597",
          "CSAFPID-232598",
          "CSAFPID-232599",
          "CSAFPID-232600",
          "CSAFPID-232908",
          "CSAFPID-232909",
          "CSAFPID-232910",
          "CSAFPID-232911",
          "CSAFPID-232912",
          "CSAFPID-232913",
          "CSAFPID-235907",
          "CSAFPID-235909",
          "CSAFPID-236035",
          "CSAFPID-236036",
          "CSAFPID-236039"
        ]
      },
      "release_date": "2018-04-18T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-202938",
            "CSAFPID-202940",
            "CSAFPID-202944",
            "CSAFPID-202945",
            "CSAFPID-202946",
            "CSAFPID-202947",
            "CSAFPID-202948",
            "CSAFPID-202949",
            "CSAFPID-204544",
            "CSAFPID-206486",
            "CSAFPID-206487",
            "CSAFPID-206488",
            "CSAFPID-206489",
            "CSAFPID-206490",
            "CSAFPID-207900",
            "CSAFPID-208301",
            "CSAFPID-210984",
            "CSAFPID-210985",
            "CSAFPID-210986",
            "CSAFPID-211050",
            "CSAFPID-211054",
            "CSAFPID-211055",
            "CSAFPID-211056",
            "CSAFPID-211057",
            "CSAFPID-211058",
            "CSAFPID-212614",
            "CSAFPID-212704",
            "CSAFPID-212705",
            "CSAFPID-212706",
            "CSAFPID-212707",
            "CSAFPID-212708",
            "CSAFPID-220691",
            "CSAFPID-220692",
            "CSAFPID-221001",
            "CSAFPID-221002",
            "CSAFPID-221003",
            "CSAFPID-221004",
            "CSAFPID-221005",
            "CSAFPID-221006",
            "CSAFPID-221007",
            "CSAFPID-221008",
            "CSAFPID-221009",
            "CSAFPID-221010",
            "CSAFPID-221011",
            "CSAFPID-221012",
            "CSAFPID-221013",
            "CSAFPID-221014",
            "CSAFPID-221015",
            "CSAFPID-221016",
            "CSAFPID-221017",
            "CSAFPID-221018",
            "CSAFPID-221019",
            "CSAFPID-221020",
            "CSAFPID-221021",
            "CSAFPID-221022",
            "CSAFPID-221023",
            "CSAFPID-221024",
            "CSAFPID-221025",
            "CSAFPID-221026",
            "CSAFPID-221027",
            "CSAFPID-221028",
            "CSAFPID-221029",
            "CSAFPID-221030",
            "CSAFPID-221032",
            "CSAFPID-224844",
            "CSAFPID-224845",
            "CSAFPID-224847",
            "CSAFPID-224849",
            "CSAFPID-224850",
            "CSAFPID-224852",
            "CSAFPID-224853",
            "CSAFPID-224854",
            "CSAFPID-224855",
            "CSAFPID-224856",
            "CSAFPID-224857",
            "CSAFPID-224858",
            "CSAFPID-225986",
            "CSAFPID-231291",
            "CSAFPID-231292",
            "CSAFPID-231293",
            "CSAFPID-231294",
            "CSAFPID-231295",
            "CSAFPID-231298",
            "CSAFPID-231299",
            "CSAFPID-231300",
            "CSAFPID-231301",
            "CSAFPID-231302",
            "CSAFPID-231303",
            "CSAFPID-231304",
            "CSAFPID-231305",
            "CSAFPID-232585",
            "CSAFPID-232586",
            "CSAFPID-232587",
            "CSAFPID-232588",
            "CSAFPID-232589",
            "CSAFPID-232590",
            "CSAFPID-232591",
            "CSAFPID-232592",
            "CSAFPID-232593",
            "CSAFPID-232594",
            "CSAFPID-232595",
            "CSAFPID-232596",
            "CSAFPID-232597",
            "CSAFPID-232598",
            "CSAFPID-232599",
            "CSAFPID-232600",
            "CSAFPID-232908",
            "CSAFPID-232909",
            "CSAFPID-232910",
            "CSAFPID-232911",
            "CSAFPID-232912",
            "CSAFPID-232913",
            "CSAFPID-235907",
            "CSAFPID-235909",
            "CSAFPID-236035",
            "CSAFPID-236036",
            "CSAFPID-236039"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-202938",
            "CSAFPID-202940",
            "CSAFPID-202944",
            "CSAFPID-202945",
            "CSAFPID-202946",
            "CSAFPID-202947",
            "CSAFPID-202948",
            "CSAFPID-202949",
            "CSAFPID-204544",
            "CSAFPID-206486",
            "CSAFPID-206487",
            "CSAFPID-206488",
            "CSAFPID-206489",
            "CSAFPID-206490",
            "CSAFPID-207900",
            "CSAFPID-208301",
            "CSAFPID-210984",
            "CSAFPID-210985",
            "CSAFPID-210986",
            "CSAFPID-211050",
            "CSAFPID-211054",
            "CSAFPID-211055",
            "CSAFPID-211056",
            "CSAFPID-211057",
            "CSAFPID-211058",
            "CSAFPID-212614",
            "CSAFPID-212704",
            "CSAFPID-212705",
            "CSAFPID-212706",
            "CSAFPID-212707",
            "CSAFPID-212708",
            "CSAFPID-220691",
            "CSAFPID-220692",
            "CSAFPID-221001",
            "CSAFPID-221002",
            "CSAFPID-221003",
            "CSAFPID-221004",
            "CSAFPID-221005",
            "CSAFPID-221006",
            "CSAFPID-221007",
            "CSAFPID-221008",
            "CSAFPID-221009",
            "CSAFPID-221010",
            "CSAFPID-221011",
            "CSAFPID-221012",
            "CSAFPID-221013",
            "CSAFPID-221014",
            "CSAFPID-221015",
            "CSAFPID-221016",
            "CSAFPID-221017",
            "CSAFPID-221018",
            "CSAFPID-221019",
            "CSAFPID-221020",
            "CSAFPID-221021",
            "CSAFPID-221022",
            "CSAFPID-221023",
            "CSAFPID-221024",
            "CSAFPID-221025",
            "CSAFPID-221026",
            "CSAFPID-221027",
            "CSAFPID-221028",
            "CSAFPID-221029",
            "CSAFPID-221030",
            "CSAFPID-221032",
            "CSAFPID-224844",
            "CSAFPID-224845",
            "CSAFPID-224847",
            "CSAFPID-224849",
            "CSAFPID-224850",
            "CSAFPID-224852",
            "CSAFPID-224853",
            "CSAFPID-224854",
            "CSAFPID-224855",
            "CSAFPID-224856",
            "CSAFPID-224857",
            "CSAFPID-224858",
            "CSAFPID-225986",
            "CSAFPID-231291",
            "CSAFPID-231292",
            "CSAFPID-231293",
            "CSAFPID-231294",
            "CSAFPID-231295",
            "CSAFPID-231298",
            "CSAFPID-231299",
            "CSAFPID-231300",
            "CSAFPID-231301",
            "CSAFPID-231302",
            "CSAFPID-231303",
            "CSAFPID-231304",
            "CSAFPID-231305",
            "CSAFPID-232585",
            "CSAFPID-232586",
            "CSAFPID-232587",
            "CSAFPID-232588",
            "CSAFPID-232589",
            "CSAFPID-232590",
            "CSAFPID-232591",
            "CSAFPID-232592",
            "CSAFPID-232593",
            "CSAFPID-232594",
            "CSAFPID-232595",
            "CSAFPID-232596",
            "CSAFPID-232597",
            "CSAFPID-232598",
            "CSAFPID-232599",
            "CSAFPID-232600",
            "CSAFPID-232908",
            "CSAFPID-232909",
            "CSAFPID-232910",
            "CSAFPID-232911",
            "CSAFPID-232912",
            "CSAFPID-232913",
            "CSAFPID-235907",
            "CSAFPID-235909",
            "CSAFPID-236035",
            "CSAFPID-236036",
            "CSAFPID-236039"
          ]
        }
      ],
      "title": "vuln_cisco-sa-20180418-asa3"
    }
  ]
}

{
  "affected": [],
  "aliases": [
    "CVE-2018-0231"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-04-19T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.",
  "id": "GHSA-wq2j-24r5-rxj2",
  "modified": "2022-05-13T01:35:32Z",
  "published": "2022-05-13T01:35:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0231"
    },
    {
      "type": "WEB",
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1040725"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201804-1013",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "98.1\\(1.154\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "9.8\\(1\\)"
      },
      {
        "model": "firepower threat defense",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.0"
      },
      {
        "model": "firepower threat defense",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.2.1"
      },
      {
        "model": "firepower threat defense",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.1.0.6"
      },
      {
        "model": "firepower threat defense",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "6.2.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "firepower threat defense software",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "adaptive security virtual appliance",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "firepower series security appliance",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2100"
      },
      {
        "model": "firepower threat defense virtual",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "firepower threat defense",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "6.0.0"
      },
      {
        "model": "firepower threat defense",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "6.0.1"
      },
      {
        "model": "firepower threat defense",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "6.1.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:98.1\\(1.154\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1.0.6",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.2.2.1",
                "versionStartIncluding": "6.2.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      }
    ]
  },
  "cve": "CVE-2018-0231",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-0231",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2018-09396",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-118433",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 4.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 8.6,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-0231",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Changed",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-0231",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2018-09396",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201804-1107",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-118433",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-0231",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446. Vendors have confirmed this vulnerability Bug ID CSCve18902 , CSCve34335 and CSCve38446 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. CiscoAdaptiveSecurityVirtualAppliance and so on are all security devices from Cisco. AdaptiveSecurityAppliance (ASA) Software and FirepowerThreatDefense (FTD) Software are operating systems that run on different security devices. TransportLayerSecurity (TLS) is one of the transport layer security protocol libraries. The TLS inventory in ASASoftware and FTDSoftware in several Cisco products is entering a validation vulnerability that stems from the program failing to adequately verify the user-submitted input",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-0231",
        "trust": 3.2
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-18-184-01",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1040725",
        "trust": 1.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "id": "VAR-201804-1013",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      }
    ],
    "trust": 1.3875
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:28:54.588000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20180418-asa3",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180418-asa3"
      },
      {
        "title": "CiscoAdaptiveSecurityApplianceSoftware and FirepowerThreatDefenseSoftwareTransportLayerSecurity libraries to enter patches for validation vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/128715"
      },
      {
        "title": "Cisco Adaptive Security Appliance Software  and Firepower Threat Defense Software Transport Layer Security Fixes for library input validation vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=81402"
      },
      {
        "title": "Cisco: Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180418-asa3"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180418-asa3"
      },
      {
        "trust": 1.9,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-18-184-01"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id/1040725"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0231"
      },
      {
        "trust": 0.8,
        "url": "https://www.us-cert.gov/ics/advisories/icsa-18-184-01"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0231"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.rapid7.com/db/vulnerabilities/cisco-asa-cve-2018-0231"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "date": "2018-04-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "date": "2018-04-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "date": "2018-06-18T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "date": "2018-04-19T20:29:00.533000",
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "date": "2018-04-19T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-05-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2018-09396"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-118433"
      },
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-0231"
      },
      {
        "date": "2019-07-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      },
      {
        "date": "2023-08-15T15:37:09.590000",
        "db": "NVD",
        "id": "CVE-2018-0231"
      },
      {
        "date": "2022-03-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliance Software and  Cisco Firepower Threat Defense Software input validation vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-004346"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201804-1107"
      }
    ],
    "trust": 0.6
  }
}

{
  "GSD": {
    "alias": "CVE-2018-0231",
    "description": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.",
    "id": "GSD-2018-0231"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-0231"
      ],
      "details": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446.",
      "id": "GSD-2018-0231",
      "modified": "2023-12-13T01:22:24.733691Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2018-0231",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Adaptive Security Appliance",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Cisco Adaptive Security Appliance"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3",
            "refsource": "CONFIRM",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
          },
          {
            "name": "1040725",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1040725"
          },
          {
            "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
            "refsource": "MISC",
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(1\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:98.1\\(1.154\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1.0.6",
                "versionStartIncluding": "6.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.2.2.1",
                "versionStartIncluding": "6.2.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0231"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious TLS message to an interface enabled for Secure Layer Socket (SSL) services on an affected device. Messages using SSL Version 3 (SSLv3) or SSL Version 2 (SSLv2) cannot be be used to exploit this vulnerability. An exploit could allow the attacker to cause a buffer underflow, triggering a crash on an affected device. This vulnerability affects Cisco ASA Software and Cisco FTD Software that is running on the following Cisco products: Adaptive Security Virtual Appliance (ASAv), Firepower Threat Defense Virtual (FTDv), Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCve18902, CSCve34335, CSCve38446."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3"
            },
            {
              "name": "1040725",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1040725"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2023-08-15T15:37Z",
      "publishedDate": "2018-04-19T20:29Z"
    }
  }
}