Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2018-0296
Vulnerability from cvelistv5
Published
2018-06-07 12:00
Modified
2024-11-13 18:22
Severity ?
EPSS score ?
Summary
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Adaptive Security Appliance unknown |
Version: Cisco Adaptive Security Appliance unknown |
|
|
|||
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2021-11-03
Due date: 2022-05-03
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0296
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:21:14.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104612"
},
{
"name": "44956",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"name": "1041076",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-0296",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T17:21:09.447686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-0296"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:22:34.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Adaptive Security Appliance unknown"
}
]
}
],
"datePublic": "2018-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-12T18:06:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "104612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104612"
},
{
"name": "44956",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"name": "1041076",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance unknown",
"version": {
"version_data": [
{
"version_value": "Cisco Adaptive Security Appliance unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104612"
},
{
"name": "44956",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"name": "1041076",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041076"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"name": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2018-0296",
"datePublished": "2018-06-07T12:00:00",
"dateReserved": "2017-11-27T00:00:00",
"dateUpdated": "2024-11-13T18:22:34.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2018-0296",
"cwes": "[\"CWE-20\"]",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2018-0296",
"product": "Adaptive Security Appliance (ASA)",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or information disclosure.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability"
},
"fkie_nvd": {
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability",
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.1\", \"versionEndExcluding\": \"9.1.7.29\", \"matchCriteriaId\": \"A35FC013-99CA-492C-BC76-9E59B2AECF6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.2\", \"versionEndExcluding\": \"9.2.4.33\", \"matchCriteriaId\": \"25E6D453-0A91-404A-8F6B-D142919ADB32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.3\", \"versionEndExcluding\": \"9.4.4.18\", \"matchCriteriaId\": \"642ED379-43A2-4CA8-803F-7E63BABAF8E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.5\", \"versionEndExcluding\": \"9.6.4.8\", \"matchCriteriaId\": \"E1054B7C-1543-465C-A1B5-8D5DBC831245\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.8\", \"versionEndExcluding\": \"9.8.2.28\", \"matchCriteriaId\": \"E17B131E-C405-4972-A048-860FBCDACE1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.9\", \"versionEndExcluding\": \"9.9.2.1\", \"matchCriteriaId\": \"83AA09E7-73BA-49DD-B640-D25F0D87E9DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1\\\\(2.5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"196DA613-6892-4C8E-BD44-33E37278BB1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.7\", \"versionEndExcluding\": \"9.7.1.24\", \"matchCriteriaId\": \"EB1C340C-4DE6-4319-9273-E7E4D24183BE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.0\", \"versionEndExcluding\": \"6.1.0\", \"matchCriteriaId\": \"B5FC5F57-0626-4647-BAEF-2DDF95668277\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.2.1\", \"versionEndExcluding\": \"6.2.2.3\", \"matchCriteriaId\": \"75879D6D-7583-4944-9B7B-41E4B9341A3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D726F07-06F1-4B0A-B010-E607E0C2A280\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-85.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5B856A1-A199-4B35-BFCA-874CC3250DAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-851:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0E0AB23-AD0D-40B8-A16A-DB12EAD8E054\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FAD2427-82A3-4E64-ADB5-FA4F40B568F9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) podr\\u00eda permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie inesperadamente y provoque una denegaci\\u00f3n de servicio (DoS) como consecuencia. Tambi\\u00e9n es posible en ciertas versiones del software que ASA no se recargue, pero un atacante podr\\u00eda ver informaci\\u00f3n sensible del sistema sin autenticaci\\u00f3n mediante el uso de t\\u00e9cnicas de salto de directorio. Esta vulnerabilidad se debe a la falta de validaci\\u00f3n de entradas adecuada de la URL HTTP. Un atacante podr\\u00eda explotar esta vulnerabilidad enviando una petici\\u00f3n HTTP manipulada a un dispositivo afectado. Su explotaci\\u00f3n podr\\u00eda permitir a un atacante provocar una denegaci\\u00f3n de servicio o la divulgaci\\u00f3n no autenticada de informaci\\u00f3n. Esta vulnerabilidad aplica al tr\\u00e1fico HTTP IPv4 y IPv6. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\"}]",
"id": "CVE-2018-0296",
"lastModified": "2024-11-21T03:37:55.227",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-06-07T12:29:00.403",
"references": "[{\"url\": \"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/104612\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041076\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44956/\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/104612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041076\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44956/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-0296\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2018-06-07T12:29:00.403\",\"lastModified\":\"2024-11-21T03:37:55.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie inesperadamente y provoque una denegaci\u00f3n de servicio (DoS) como consecuencia. Tambi\u00e9n es posible en ciertas versiones del software que ASA no se recargue, pero un atacante podr\u00eda ver informaci\u00f3n sensible del sistema sin autenticaci\u00f3n mediante el uso de t\u00e9cnicas de salto de directorio. Esta vulnerabilidad se debe a la falta de validaci\u00f3n de entradas adecuada de la URL HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n HTTP manipulada a un dispositivo afectado. Su explotaci\u00f3n podr\u00eda permitir a un atacante provocar una denegaci\u00f3n de servicio o la divulgaci\u00f3n no autenticada de informaci\u00f3n. Esta vulnerabilidad aplica al tr\u00e1fico HTTP IPv4 y IPv6. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability\",\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.1\",\"versionEndExcluding\":\"9.1.7.29\",\"matchCriteriaId\":\"A35FC013-99CA-492C-BC76-9E59B2AECF6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.2\",\"versionEndExcluding\":\"9.2.4.33\",\"matchCriteriaId\":\"25E6D453-0A91-404A-8F6B-D142919ADB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.3\",\"versionEndExcluding\":\"9.4.4.18\",\"matchCriteriaId\":\"642ED379-43A2-4CA8-803F-7E63BABAF8E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.5\",\"versionEndExcluding\":\"9.6.4.8\",\"matchCriteriaId\":\"E1054B7C-1543-465C-A1B5-8D5DBC831245\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.8\",\"versionEndExcluding\":\"9.8.2.28\",\"matchCriteriaId\":\"E17B131E-C405-4972-A048-860FBCDACE1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.9\",\"versionEndExcluding\":\"9.9.2.1\",\"matchCriteriaId\":\"83AA09E7-73BA-49DD-B640-D25F0D87E9DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1\\\\(2.5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"196DA613-6892-4C8E-BD44-33E37278BB1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.7\",\"versionEndExcluding\":\"9.7.1.24\",\"matchCriteriaId\":\"EB1C340C-4DE6-4319-9273-E7E4D24183BE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndExcluding\":\"6.1.0\",\"matchCriteriaId\":\"B5FC5F57-0626-4647-BAEF-2DDF95668277\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.1\",\"versionEndExcluding\":\"6.2.2.3\",\"matchCriteriaId\":\"75879D6D-7583-4944-9B7B-41E4B9341A3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D726F07-06F1-4B0A-B010-E607E0C2A280\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-85.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5B856A1-A199-4B35-BFCA-874CC3250DAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-851:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0E0AB23-AD0D-40B8-A16A-DB12EAD8E054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FAD2427-82A3-4E64-ADB5-FA4F40B568F9\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/104612\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041076\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/44956/\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/104612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/44956/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/104612\", \"name\": \"104612\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44956/\", \"name\": \"44956\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1041076\", \"name\": \"1041076\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T03:21:14.828Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-0296\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T17:21:09.447686Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-0296\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T16:06:17.139Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"Cisco Adaptive Security Appliance unknown\", \"versions\": [{\"status\": \"affected\", \"version\": \"Cisco Adaptive Security Appliance unknown\"}]}], \"datePublic\": \"2018-06-07T00:00:00\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/104612\", \"name\": \"104612\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://www.exploit-db.com/exploits/44956/\", \"name\": \"44956\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://www.securitytracker.com/id/1041076\", \"name\": \"1041076\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-08-12T18:06:11\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"Cisco Adaptive Security Appliance unknown\"}]}, \"product_name\": \"Cisco Adaptive Security Appliance unknown\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/104612\", \"name\": \"104612\", \"refsource\": \"BID\"}, {\"url\": \"https://www.exploit-db.com/exploits/44956/\", \"name\": \"44956\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://www.securitytracker.com/id/1041076\", \"name\": \"1041076\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\", \"name\": \"https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01\", \"refsource\": \"MISC\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\", \"name\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\", \"name\": \"http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-0296\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@cisco.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2018-0296\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T18:22:34.210Z\", \"dateReserved\": \"2017-11-27T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2018-06-07T12:00:00\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
icsa-18-184-01
Vulnerability from csaf_cisa
Published
2018-07-03 00:00
Modified
2018-07-03 00:00
Summary
Rockwell Automation Allen-Bradley Stratix 5950
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.
Critical infrastructure sectors
Critical Manufacturing, Energy, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Wisconsin, USA
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Recommended Practices
NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Rockwell Automation",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Wisconsin, USA",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-18-184-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-184-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-184-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
}
],
"title": "Rockwell Automation Allen-Bradley Stratix 5950",
"tracking": {
"current_release_date": "2018-07-03T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-184-01",
"initial_release_date": "2018-07-03T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-07-03T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-18-184-01 Rockwell Automation Allen-Bradley Stratix 5950"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD4T0SBK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SBK9",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
},
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD2T2SPK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SPK9",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
},
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD4T0SPK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SPK9",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
},
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD2T2SBK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SBK9",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
}
],
"category": "vendor",
"name": "Rockwell Automation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0228",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the ingress flow creation functionality of the Cisco ASA could allow an unauthenticated, remote threat actor to cause the CPU to increase upwards of 100 percent utilization, causing a denial-of-service (DoS) condition on an affected system.CVE-2018-0228 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0228"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0228 \u2014 The ASA and FTD configuration commands\u2014set connection per-client-embryonic-max (TCP) and set connection per-client-max (TCP, UDP, and Stream Control Transmission Protocol [SCTP])\u2014can be configured to limit the number of connection requests allowed. Using these configuration parameters can reduce the number of connections and greatly reduce the impact of the DoS attack.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0227",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for the Cisco ASA could allow an unauthenticated, remote threat actor to establish an SSL VPN connection and bypass certain SSL certificate verification steps.CVE-2018-0227 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0227"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0227 \u2014 No workarounds available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0231",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the Transport Layer Security library of the Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote threat actor to trigger a reload of the affected device, resulting in a DoS condition.CVE-2018-0231 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0231"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0231 \u2014 No workarounds available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0240",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of the Cisco ASA Software and Cisco FTD Software could allow an unauthenticated, remote threat actor to trigger a reload of an affected device, resulting in a DoS condition.CVE-2018-0240 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0240"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0240 \u2014 No workarounds available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0296",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the web interface of the Cisco ASA could allow an unauthenticated, remote threat actor to cause an affected device to reload unexpectedly, resulting in a DoS condition. It is also possible on certain software releases that the ASA will not reload, but a threat actor could view sensitive system information without authentication by using directory traversal techniques.CVE-2018-0296 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0296"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0296 \u2014 Cisco has released Snort Rule 46897",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.cisco.com/web/software/286271056/117258/sf-rules-2018-06-07-new.html"
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
ICSA-18-184-01
Vulnerability from csaf_cisa
Published
2018-07-03 00:00
Modified
2018-07-03 00:00
Summary
Rockwell Automation Allen-Bradley Stratix 5950
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.
Critical infrastructure sectors
Critical Manufacturing, Energy, Water and Wastewater Systems
Countries/areas deployed
Worldwide
Company headquarters location
Wisconsin, USA
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Recommended Practices
NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Rockwell Automation",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow an attacker to bypass client certification to create connections to the affected device or cause the device to crash.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing, Energy, Water and Wastewater Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Wisconsin, USA",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC also recommends that users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-18-184-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-184-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-184-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-184-01"
}
],
"title": "Rockwell Automation Allen-Bradley Stratix 5950",
"tracking": {
"current_release_date": "2018-07-03T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-184-01",
"initial_release_date": "2018-07-03T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-07-03T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-18-184-01 Rockwell Automation Allen-Bradley Stratix 5950"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD4T0SBK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SBK9",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
},
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD2T2SPK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SPK9",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
},
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD4T0SPK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD4T0SPK9",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
},
{
"branches": [
{
"category": "product_version",
"name": "1783-SAD2T2SBK9",
"product": {
"name": "Allen-Bradley Stratix 5950: 1783-SAD2T2SBK9",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "Allen-Bradley Stratix 5950"
}
],
"category": "vendor",
"name": "Rockwell Automation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0228",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the ingress flow creation functionality of the Cisco ASA could allow an unauthenticated, remote threat actor to cause the CPU to increase upwards of 100 percent utilization, causing a denial-of-service (DoS) condition on an affected system.CVE-2018-0228 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0228"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0228 \u2014 The ASA and FTD configuration commands\u2014set connection per-client-embryonic-max (TCP) and set connection per-client-max (TCP, UDP, and Stream Control Transmission Protocol [SCTP])\u2014can be configured to limit the number of connection requests allowed. Using these configuration parameters can reduce the number of connections and greatly reduce the impact of the DoS attack.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0227",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for the Cisco ASA could allow an unauthenticated, remote threat actor to establish an SSL VPN connection and bypass certain SSL certificate verification steps.CVE-2018-0227 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0227"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0227 \u2014 No workarounds available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0231",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the Transport Layer Security library of the Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote threat actor to trigger a reload of the affected device, resulting in a DoS condition.CVE-2018-0231 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0231"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0231 \u2014 No workarounds available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0240",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities in the Application Layer Protocol Inspection feature of the Cisco ASA Software and Cisco FTD Software could allow an unauthenticated, remote threat actor to trigger a reload of an affected device, resulting in a DoS condition.CVE-2018-0240 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0240"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0240 \u2014 No workarounds available",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-0296",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in the web interface of the Cisco ASA could allow an unauthenticated, remote threat actor to cause an affected device to reload unexpectedly, resulting in a DoS condition. It is also possible on certain software releases that the ASA will not reload, but a threat actor could view sensitive system information without authentication by using directory traversal techniques.CVE-2018-0296 has been assigned to this vulnerability. A CVSS v3 base score of 8.6 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0296"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "mitigation",
"details": "CVE-2018-0296 \u2014 Cisco has released Snort Rule 46897",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.cisco.com/web/software/286271056/117258/sf-rules-2018-06-07-new.html"
},
{
"category": "mitigation",
"details": "For additional information please see the Rockwell Automation security notification at (login required): https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1073860",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://urldefense.proofpoint.com/v2/url?u=https-3A__rockwellautomation.custhelp.com_app_answers_detail_a-5Fid_1073860\u0026d=DwMGaQ\u0026c=54IZrppPQZKX9mLzcGdPfFD1hxrcB__aEkJFOKJFd00\u0026r=zE5lG3CZZIbdBvT6slVAzQ\u0026m=d7_uax5LG0vjWoCGwelqASZRyzRGG85aflD3xxdn7I4\u0026s=QsGtt5inxh43clly39aymIsyKWnoKwawSFbQUhiVVhA\u0026e="
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
cve-2018-0296
Vulnerability from fkie_nvd
Published
2018-06-07 12:29
Modified
2024-11-21 03:37
Severity ?
Summary
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
References
Impacted products
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC013-99CA-492C-BC76-9E59B2AECF6F",
"versionEndExcluding": "9.1.7.29",
"versionStartIncluding": "9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25E6D453-0A91-404A-8F6B-D142919ADB32",
"versionEndExcluding": "9.2.4.33",
"versionStartIncluding": "9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "642ED379-43A2-4CA8-803F-7E63BABAF8E4",
"versionEndExcluding": "9.4.4.18",
"versionStartIncluding": "9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1054B7C-1543-465C-A1B5-8D5DBC831245",
"versionEndExcluding": "9.6.4.8",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E17B131E-C405-4972-A048-860FBCDACE1A",
"versionEndExcluding": "9.8.2.28",
"versionStartIncluding": "9.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83AA09E7-73BA-49DD-B640-D25F0D87E9DD",
"versionEndExcluding": "9.9.2.1",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "196DA613-6892-4C8E-BD44-33E37278BB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1C340C-4DE6-4319-9273-E7E4D24183BE",
"versionEndExcluding": "9.7.1.24",
"versionStartIncluding": "9.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5FC5F57-0626-4647-BAEF-2DDF95668277",
"versionEndExcluding": "6.1.0",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75879D6D-7583-4944-9B7B-41E4B9341A3F",
"versionEndExcluding": "6.2.2.3",
"versionStartIncluding": "6.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-85.02:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B856A1-A199-4B35-BFCA-874CC3250DAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-851:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E0AB23-AD0D-40B8-A16A-DB12EAD8E054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto sin autenticar haga que el dispositivo afectado se reinicie inesperadamente y provoque una denegaci\u00f3n de servicio (DoS) como consecuencia. Tambi\u00e9n es posible en ciertas versiones del software que ASA no se recargue, pero un atacante podr\u00eda ver informaci\u00f3n sensible del sistema sin autenticaci\u00f3n mediante el uso de t\u00e9cnicas de salto de directorio. Esta vulnerabilidad se debe a la falta de validaci\u00f3n de entradas adecuada de la URL HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una petici\u00f3n HTTP manipulada a un dispositivo afectado. Su explotaci\u00f3n podr\u00eda permitir a un atacante provocar una denegaci\u00f3n de servicio o la divulgaci\u00f3n no autenticada de informaci\u00f3n. Esta vulnerabilidad aplica al tr\u00e1fico HTTP IPv4 y IPv6. Esta vulnerabilidad afecta a las versiones de Cisco ASA Software y Cisco Firepower Threat Defense (FTD) Software que se ejecutan en los siguientes productos de Cisco: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module y FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
}
],
"id": "CVE-2018-0296",
"lastModified": "2024-11-21T03:37:55.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-07T12:29:00.403",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104612"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041076"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44956/"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2018-0296
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-0296",
"description": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.",
"id": "GSD-2018-0296",
"references": [
"https://packetstormsecurity.com/files/cve/CVE-2018-0296"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-0296"
],
"details": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.",
"id": "GSD-2018-0296",
"modified": "2023-12-13T01:22:24.605143Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cisa.gov": {
"cveID": "CVE-2018-0296",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"product": "Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco Adaptive Security Appliance Firepower Threat Defense Denial-of-Service/Directory Traversal vulnerability"
},
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0296",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance unknown",
"version": {
"version_data": [
{
"version_value": "Cisco Adaptive Security Appliance unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104612"
},
{
"name": "44956",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"name": "1041076",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041076"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"name": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1\\(2.5\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.7.29",
"versionStartIncluding": "9.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.2.4.33",
"versionStartIncluding": "9.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.4.4.18",
"versionStartIncluding": "9.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.6.4.8",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.8.2.28",
"versionStartIncluding": "9.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.9.2.1",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.7.1.24",
"versionStartIncluding": "9.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1.0",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.2.3",
"versionStartIncluding": "6.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-851:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-85.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2018-0296"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"name": "1041076",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041076"
},
{
"name": "44956",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"name": "104612",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104612"
},
{
"name": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-08-15T15:21Z",
"publishedDate": "2018-06-07T12:29Z"
}
}
}
ghsa-h2mj-pqgp-xmmj
Vulnerability from github
Published
2022-05-13 01:17
Modified
2022-05-13 01:17
Severity ?
Details
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.
{
"affected": [],
"aliases": [
"CVE-2018-0296"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-22"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-06-07T12:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.",
"id": "GHSA-h2mj-pqgp-xmmj",
"modified": "2022-05-13T01:17:37Z",
"published": "2022-05-13T01:17:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0296"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/44956"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/104612"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041076"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
cisco-sa-20180606-asaftd
Vulnerability from csaf_cisco
Published
2018-06-06 16:00
Modified
2019-09-24 17:49
Summary
Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability
Notes
Summary
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques.
The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Note: Cisco continues to strongly recommend that customers upgrade to a fixed Cisco ASA Software release to remediate this vulnerability as there are continued attempts to exploit in the wild.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"]
Vulnerable Products
This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products:
3000 Series Industrial Security Appliance (ISA)
ASA 1000V Cloud Firewall
ASA 5500 Series Adaptive Security Appliances
ASA 5500-X Series Next-Generation Firewalls
ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
Adaptive Security Virtual Appliance (ASAv)
Firepower 2100 Series Security Appliance
Firepower 4100 Series Security Appliance
Firepower 9300 ASA Security Module
FTD Virtual (FTDv)
ASA Software
In the following table, the left column lists the Cisco ASA features that are potentially vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command, if it can be determined. If the device is configured for one of these features, follow the additional instructions to determine if the device is vulnerable.
Cisco ASA Feature Possible Vulnerable Configuration Adaptive Security Device Manager (ASDM)1 http server enable <port>
http <remote_ip_address> <remote_subnet_mask> <interface_name> AnyConnect IKEv2 Remote Access (with client services) crypto ikev2 enable <interface_name> client-services port <port #>
webvpn
anyconnect enable
AnyConnect IKEv2 Remote Access (without client services) crypto ikev2 enable <interface_name>
webvpn
anyconnect enable
AnyConnect SSL VPN webvpn
enable <interface_name> Cisco Security Manager2 http server enable <port>
http <remote_ip_address> <remote_subnet_mask> <interface_name>
Clientless SSL VPN webvpn
enable <interface_name> Cut-Through Proxy (Not vulnerable unless used in conjunction with other vulnerable features on the same port) aaa authentication listener <interface_name> port <number>
Local Certificate Authority (CA) crypto ca server
no shutdown
Mobile Device Manager (MDM) Proxy3 mdm-proxy
enable <interface_name> Mobile User Security (MUS) webvpn
mus password <password>
mus server enable port <port #>
mus <address> <mask> <interface_name> Proxy Bypass
webvpn
proxy-bypass
REST API4 rest-api image disk0:/<image name>
rest-api agent
1ASDM is vulnerable only from an IP address in the configured http command range.
2 Cisco Security Manager is vulnerable only from an IP address in the configured http command range.
3The MDM Proxy is first supported as of Cisco ASA Software Release 9.3.1.
4The REST API is first supported as of Cisco ASA Software Release 9.3.2. The REST API is vulnerable only from an IP address in the configured http command range.
Determining Whether an ASA Configured with a Potentially Vulnerable Feature Is Vulnerable
Step 1: Administrators can use the show asp table socket | include SSL|DTLS command and look for a Secure Sockets Layer (SSL) or a Datagram Transport Layer Security (DTLS) listen socket on any TCP port. If either socket is present in the output and the ASA device is configured for one or more of the ASA features in the preceding table, the device may be vulnerable. The following example shows an ASA device with SSL and DTLS listen sockets:
ciscoasa# show asp table socket | include SSL|DTLS
SSL 00185038 LISTEN 172.16.0.250:443 0.0.0.0:*
SSL 00188638 LISTEN 10.0.0.250:443 0.0.0.0:*
DTLS 0018f7a8 LISTEN 10.0.0.250:443 0.0.0.0:*
Step 2: Administrators can then use the show processes | include Unicorn command to see if the vulnerable process is running on the device. This means that one of the possible vulnerable features has created an instance of the internal web server, which is vulnerable. If Unicorn Proxy Thread is present, the device is considered vulnerable.
ciscoasa# show processes | include Unicorn
Mwe 0x0000557f9f5bafc0 0x00007f62de5a90a8 0x0000557fa52b50a0 3632 0x00007f62c8c87030 30704/32768 Unicorn Proxy Thread 218
Note: The Unicorn Proxy Thread identifier in the preceding example is 218 and can vary. A device must be considered vulnerable if the Unicorn Proxy Thread process is running, regardless of the actual thread identifier number.
Determining the Running ASA Software Release
To determine whether a vulnerable release of Cisco ASA Software is running on a device, administrators can use the show version | include Version command in the CLI. The following example shows the output of the command for a device that is running Cisco ASA Software Release 9.2(1):
ciscoasa# show version | include Version
Cisco Adaptive Security Appliance Software Version 9.2(1)
Device Manager Version 7.4(1)
Administrators who use Cisco Adaptive Security Device Manager (ASDM) to manage devices can locate the software release in the table that appears in the login window or the upper-left corner of the Cisco ASDM window.
FTD Software
This vulnerability applies to all Cisco FTD Software releases except Release 6.2.0, which is not vulnerable. See the Fixed Releases ["#fs"] section for additional information about fixed releases of Cisco FTD Software. The Cisco FTD Software release contains both Firepower and ASA code. Review the “Firepower Threat Defense Devices” section of the Cisco Firepower Compatibility Guide ["https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#reference_070E1908889545BDB6CC564676202628"] for additional information.
In the following table, the left column lists the Cisco FTD features that are potentially vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command, if it can be determined. If the device is configured for one of these features, follow the additional instructions to determine if the device is vulnerable.
Cisco FTD Feature Vulnerable Configuration HTTP Service enabled1 http server enable <port #>
http <remote_ip_address> <remote_subnet_mask> <interface_name>
AnyConnect IKEv2 Remote Access (with client services)2,3 crypto ikev2 enable <interface_name> client-services port <port #>
webvpn
anyconnect enable AnyConnect IKEv2 Remote Access (without client services)2,3 crypto ikev2 enable <interface_name>
webvpn
anyconnect enable AnyConnect SSL VPN2,3 webvpn
enable <interface_name>
1 The HTTP feature is enabled via Firepower Threat Defense Platform Settings > HTTP in the Cisco Firepower Management Console (FMC).
2 Remote Access VPN features are enabled via Devices > VPN > Remote Access in the Cisco FMC or via Device > Remote Access VPN in Cisco Firepower Device Manager (FDM).
3 Remote Access VPN features are first supported as of Cisco FTD Software Release 6.2.2.
Determining Whether Cisco FTD Configured with a Potentially Vulnerable Feature Is Vulnerable
Step 1: Administrators can use the show asp table socket | include SSL|DTLS command and look for an SSL or a DTLS listen socket on any TCP port. If either socket is present in the output and the FTD device is configured for one or more of the features listed in the preceding table, the device may be vulnerable. The following example shows an FTD device with SSL and DTLS listen sockets:
firepower# show asp table socket | include SSL|DTLS
SSL 01ffb648 LISTEN 1.1.1.1:443 0.0.0.0:*
DTLS 00009438 LISTEN 1.1.1.1:443 0.0.0.0:*
Step 2: Administrators can then use the show processes | include Unicorn command to see if the vulnerable process is running on the device. This means that one of the possible vulnerable features has created an instance of the internal web server, which is vulnerable. If Unicorn Proxy Thread is present, the device is considered vulnerable.
firepower# show processes | include Unicorn
Mwe 0x0000557f9f5bafc0 0x00007f62de5a90a8 0x0000557fa52b50a0 3632 0x00007f62c8c87030 30704/32768 Unicorn Proxy Thread 218
Notes:
The Unicorn Proxy Thread identifier in the previous example is 218 and can vary. A device must be considered vulnerable if the Unicorn Proxy Thread process is running, regardless of the actual thread identifier number.
Although certain IKEv2 feature sets do not enable the underlying SSL TCP listening socket, they may still be vulnerable. Administrators can use the show running-config crypto ikev2 CLI command to check if the crypto ikev2 enable configuration command is present in the configuration, as shown in the following example:
firepower# show running-config crypto ikev2 | include enable
crypto ikev2 enable Outside
If a command like crypto ikev2 enable is present in the running configuration and the anyconnect enable command is part of the global webvpn configuration, the Cisco FTD device is also considered vulnerable.
Determining the Running Cisco FTD Software Release
Administrators can use the show version command in the CLI to determine the Cisco FTD Software release. In this example, the device is running Release 6.2.2:
> show version
---------------------[ ftd ]---------------------
Model : Cisco ASA5525-X Threat Defense (75) Version 6.2.2 (Build 362)
UUID : 2849ba3c-ecb8-11e6-98ca-b9fc2975893c
Rules update version : 2017-03-15-001-vrt
VDB version : 279
----------------------------------------------------
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that Cisco AnyConnect Secure Mobility Client is not vulnerable.
Workarounds
There are no workarounds that address this vulnerability.
Fixed Software
Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:
https://www.cisco.com/c/en/us/products/end-user-license-agreement.html ["https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"]
Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.
When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:
https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"]
Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
Fixed Releases
Customers should upgrade to an appropriate release as indicated in the following tables.
Cisco ASA Software
Cisco ASA Software Release First Fixed Release for This Vulnerability Prior to 9.11 Migrate to 9.1.7.29 9.1 9.1.7.29 9.2 9.2.4.33 9.31 Migrate to 9.4.4.18 9.4 9.4.4.18 9.51 Migrate to 9.6.4.8 9.6 9.6.4.8 9.7 9.7.1.24 9.8 9.8.2.28 9.9 9.9.2.1
1Cisco ASA Software releases prior to Release 9.1 and Cisco ASA Software Releases 9.3 and 9.5 have reached end-of-software maintenance. Customers should migrate to a supported release.
The software is available for download from the Software Center ["https://software.cisco.com/download/navigator.html"] on Cisco.com by navigating to Products > Security > Firewalls > Adaptive Security Appliances (ASA) > ASA 5500-X Series Firewalls, where there is a list of Cisco ASA hardware platforms. The majority of these software releases are listed under Interim.
Cisco FTD Software
Cisco FTD Software Release First Fixed Release for This Vulnerability 6.0 Migrate to 6.1.0 HotFix or later 6.0.1 Migrate to 6.1.0 HotFix or later 6.1.0 Cisco_FTD_Hotfix_EI-6.1.0.7-2.sh (all FTD hardware platforms except 41xx and 9300)
Cisco_FTD_SSP_Hotfix_EI-6.1.0.7-2.sh (41xx and 9300 FTD hardware platforms) 6.2.0 Not vulnerable 6.2.1 Migrate to 6.2.2.3 6.2.2 6.2.2.3 6.2.3 6.2.3.1
6.2.3-851
6.2.3-85.02
1Software image for FTD Virtual for the Microsoft Azure Cloud
2Software image for FTD Virtual for the AWS Cloud
The software is available for download from the Software Center ["https://software.cisco.com/download/navigator.html"] on Cisco.com by navigating to Products > Security > Firewalls > Next-Generation Firewalls (NGFW), where there is a list of Cisco FTD hardware platforms.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
In September 2019, the Cisco Product Security Incident Response Team (PSIRT) became aware of additional attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed Cisco ASA Software release to remediate this vulnerability.
Source
Cisco would like to thank security researcher Michal Bentkowski from Securitum for reporting this vulnerability.
Legal Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
{
"document": {
"acknowledgments": [
{
"summary": "Cisco would like to thank security researcher Michal Bentkowski from Securitum for reporting this vulnerability."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques.\r\n\r\nThe vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\nNote: Cisco continues to strongly recommend that customers upgrade to a fixed Cisco ASA Software release to remediate this vulnerability as there are continued attempts to exploit in the wild.\r\n\r\nThis advisory is available at the following link:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd\"]",
"title": "Summary"
},
{
"category": "general",
"text": "This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products:\r\n\r\n3000 Series Industrial Security Appliance (ISA)\r\nASA 1000V Cloud Firewall\r\nASA 5500 Series Adaptive Security Appliances\r\nASA 5500-X Series Next-Generation Firewalls\r\nASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers\r\nAdaptive Security Virtual Appliance (ASAv)\r\nFirepower 2100 Series Security Appliance\r\nFirepower 4100 Series Security Appliance\r\nFirepower 9300 ASA Security Module\r\nFTD Virtual (FTDv)\r\n ASA Software\r\n\r\nIn the following table, the left column lists the Cisco ASA features that are potentially vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command, if it can be determined. If the device is configured for one of these features, follow the additional instructions to determine if the device is vulnerable.\r\n\r\n Cisco ASA Feature Possible Vulnerable Configuration Adaptive Security Device Manager (ASDM)1 http server enable \u003cport\u003e\r\nhttp \u003cremote_ip_address\u003e \u003cremote_subnet_mask\u003e \u003cinterface_name\u003e AnyConnect IKEv2 Remote Access (with client services) crypto ikev2 enable \u003cinterface_name\u003e client-services port \u003cport #\u003e\r\nwebvpn\r\n anyconnect enable\r\n AnyConnect IKEv2 Remote Access (without client services) crypto ikev2 enable \u003cinterface_name\u003e\r\nwebvpn\r\n anyconnect enable\r\n AnyConnect SSL VPN webvpn\r\n enable \u003cinterface_name\u003e Cisco Security Manager2 http server enable \u003cport\u003e\r\nhttp \u003cremote_ip_address\u003e \u003cremote_subnet_mask\u003e \u003cinterface_name\u003e\r\n Clientless SSL VPN webvpn\r\n enable \u003cinterface_name\u003e Cut-Through Proxy (Not vulnerable unless used in conjunction with other vulnerable features on the same port) aaa authentication listener \u003cinterface_name\u003e port \u003cnumber\u003e\r\n Local Certificate Authority (CA) crypto ca server\r\n no shutdown\r\n Mobile Device Manager (MDM) Proxy3 mdm-proxy\r\n enable \u003cinterface_name\u003e Mobile User Security (MUS) webvpn\r\n mus password \u003cpassword\u003e\r\n mus server enable port \u003cport #\u003e\r\n mus \u003caddress\u003e \u003cmask\u003e \u003cinterface_name\u003e Proxy Bypass\r\n webvpn\r\n proxy-bypass\r\n REST API4 rest-api image disk0:/\u003cimage name\u003e\r\nrest-api agent\r\n\r\n1ASDM is vulnerable only from an IP address in the configured http command range.\r\n2 Cisco Security Manager is vulnerable only from an IP address in the configured http command range.\r\n3The MDM Proxy is first supported as of Cisco ASA Software Release 9.3.1.\r\n4The REST API is first supported as of Cisco ASA Software Release 9.3.2. The REST API is vulnerable only from an IP address in the configured http command range.\r\n\r\nDetermining Whether an ASA Configured with a Potentially Vulnerable Feature Is Vulnerable\r\n\r\nStep 1: Administrators can use the show asp table socket | include SSL|DTLS command and look for a Secure Sockets Layer (SSL) or a Datagram Transport Layer Security (DTLS) listen socket on any TCP port. If either socket is present in the output and the ASA device is configured for one or more of the ASA features in the preceding table, the device may be vulnerable. The following example shows an ASA device with SSL and DTLS listen sockets:\r\n\r\n\r\nciscoasa# show asp table socket | include SSL|DTLS\r\n\r\n\r\nSSL 00185038 LISTEN 172.16.0.250:443 0.0.0.0:*\r\nSSL 00188638 LISTEN 10.0.0.250:443 0.0.0.0:*\r\nDTLS 0018f7a8 LISTEN 10.0.0.250:443 0.0.0.0:*\r\n Step 2: Administrators can then use the show processes | include Unicorn command to see if the vulnerable process is running on the device. This means that one of the possible vulnerable features has created an instance of the internal web server, which is vulnerable. If Unicorn Proxy Thread is present, the device is considered vulnerable.\r\n\r\n\r\nciscoasa# show processes | include Unicorn\r\n\r\n\r\nMwe 0x0000557f9f5bafc0 0x00007f62de5a90a8 0x0000557fa52b50a0 3632 0x00007f62c8c87030 30704/32768 Unicorn Proxy Thread 218\r\n Note: The Unicorn Proxy Thread identifier in the preceding example is 218 and can vary. A device must be considered vulnerable if the Unicorn Proxy Thread process is running, regardless of the actual thread identifier number.\r\n\r\nDetermining the Running ASA Software Release\r\n\r\nTo determine whether a vulnerable release of Cisco ASA Software is running on a device, administrators can use the show version | include Version command in the CLI. The following example shows the output of the command for a device that is running Cisco ASA Software Release 9.2(1):\r\nciscoasa# show version | include Version\r\n\r\n\r\nCisco Adaptive Security Appliance Software Version 9.2(1)\r\nDevice Manager Version 7.4(1)\r\n Administrators who use Cisco Adaptive Security Device Manager (ASDM) to manage devices can locate the software release in the table that appears in the login window or the upper-left corner of the Cisco ASDM window.\r\n\r\nFTD Software\r\n\r\nThis vulnerability applies to all Cisco FTD Software releases except Release 6.2.0, which is not vulnerable. See the Fixed Releases [\"#fs\"] section for additional information about fixed releases of Cisco FTD Software. The Cisco FTD Software release contains both Firepower and ASA code. Review the \u201cFirepower Threat Defense Devices\u201d section of the Cisco Firepower Compatibility Guide [\"https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#reference_070E1908889545BDB6CC564676202628\"] for additional information.\r\n\r\nIn the following table, the left column lists the Cisco FTD features that are potentially vulnerable. The right column indicates the basic configuration for the feature from the show running-config CLI command, if it can be determined. If the device is configured for one of these features, follow the additional instructions to determine if the device is vulnerable.\r\n\r\n Cisco FTD Feature Vulnerable Configuration HTTP Service enabled1 http server enable \u003cport #\u003e\r\nhttp \u003cremote_ip_address\u003e \u003cremote_subnet_mask\u003e \u003cinterface_name\u003e\r\n AnyConnect IKEv2 Remote Access (with client services)2,3 crypto ikev2 enable \u003cinterface_name\u003e client-services port \u003cport #\u003e\r\nwebvpn\r\n anyconnect enable AnyConnect IKEv2 Remote Access (without client services)2,3 crypto ikev2 enable \u003cinterface_name\u003e\r\nwebvpn\r\n anyconnect enable AnyConnect SSL VPN2,3 webvpn\r\n enable \u003cinterface_name\u003e\r\n1 The HTTP feature is enabled via Firepower Threat Defense Platform Settings \u003e HTTP in the Cisco Firepower Management Console (FMC).\r\n2 Remote Access VPN features are enabled via Devices \u003e VPN \u003e Remote Access in the Cisco FMC or via Device \u003e Remote Access VPN in Cisco Firepower Device Manager (FDM).\r\n3 Remote Access VPN features are first supported as of Cisco FTD Software Release 6.2.2.\r\n\r\nDetermining Whether Cisco FTD Configured with a Potentially Vulnerable Feature Is Vulnerable\r\n\r\nStep 1: Administrators can use the show asp table socket | include SSL|DTLS command and look for an SSL or a DTLS listen socket on any TCP port. If either socket is present in the output and the FTD device is configured for one or more of the features listed in the preceding table, the device may be vulnerable. The following example shows an FTD device with SSL and DTLS listen sockets:\r\n\r\n\r\nfirepower# show asp table socket | include SSL|DTLS\r\n\r\n\r\nSSL 01ffb648 LISTEN 1.1.1.1:443 0.0.0.0:*\r\nDTLS 00009438 LISTEN 1.1.1.1:443 0.0.0.0:*\r\n\r\n Step 2: Administrators can then use the show processes | include Unicorn command to see if the vulnerable process is running on the device. This means that one of the possible vulnerable features has created an instance of the internal web server, which is vulnerable. If Unicorn Proxy Thread is present, the device is considered vulnerable.\r\n\r\n\r\nfirepower# show processes | include Unicorn\r\n\r\n\r\nMwe 0x0000557f9f5bafc0 0x00007f62de5a90a8 0x0000557fa52b50a0 3632 0x00007f62c8c87030 30704/32768 Unicorn Proxy Thread 218\r\n\r\nNotes:\r\n\r\nThe Unicorn Proxy Thread identifier in the previous example is 218 and can vary. A device must be considered vulnerable if the Unicorn Proxy Thread process is running, regardless of the actual thread identifier number.\r\nAlthough certain IKEv2 feature sets do not enable the underlying SSL TCP listening socket, they may still be vulnerable. Administrators can use the show running-config crypto ikev2 CLI command to check if the crypto ikev2 enable configuration command is present in the configuration, as shown in the following example:\r\n\r\nfirepower# show running-config crypto ikev2 | include enable\r\n\r\n\r\ncrypto ikev2 enable Outside\r\n If a command like crypto ikev2 enable is present in the running configuration and the anyconnect enable command is part of the global webvpn configuration, the Cisco FTD device is also considered vulnerable.\r\nDetermining the Running Cisco FTD Software Release\r\n\r\nAdministrators can use the show version command in the CLI to determine the Cisco FTD Software release. In this example, the device is running Release 6.2.2:\r\n\u003e show version\r\n\r\n\r\n---------------------[ ftd ]---------------------\r\nModel : Cisco ASA5525-X Threat Defense (75) Version 6.2.2 (Build 362)\r\nUUID : 2849ba3c-ecb8-11e6-98ca-b9fc2975893c\r\nRules update version : 2017-03-15-001-vrt\r\nVDB version : 279\r\n----------------------------------------------------",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed that Cisco AnyConnect Secure Mobility Client is not vulnerable.",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "There are no workarounds that address this vulnerability.",
"title": "Workarounds"
},
{
"category": "general",
"text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:\r\nhttps://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n\r\nCustomers Without Service Contracts\r\n\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:\r\nhttps://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n\r\nFixed Releases\r\n\r\nCustomers should upgrade to an appropriate release as indicated in the following tables.\r\n\r\nCisco ASA Software\r\n Cisco ASA Software Release First Fixed Release for This Vulnerability Prior to 9.11 Migrate to 9.1.7.29 9.1 9.1.7.29 9.2 9.2.4.33 9.31 Migrate to 9.4.4.18 9.4 9.4.4.18 9.51 Migrate to 9.6.4.8 9.6 9.6.4.8 9.7 9.7.1.24 9.8 9.8.2.28 9.9 9.9.2.1\r\n1Cisco ASA Software releases prior to Release 9.1 and Cisco ASA Software Releases 9.3 and 9.5 have reached end-of-software maintenance. Customers should migrate to a supported release.\r\n\r\nThe software is available for download from the Software Center [\"https://software.cisco.com/download/navigator.html\"] on Cisco.com by navigating to Products \u003e Security \u003e Firewalls \u003e Adaptive Security Appliances (ASA) \u003e ASA 5500-X Series Firewalls, where there is a list of Cisco ASA hardware platforms. The majority of these software releases are listed under Interim.\r\n\r\nCisco FTD Software\r\n Cisco FTD Software Release First Fixed Release for This Vulnerability 6.0 Migrate to 6.1.0 HotFix or later 6.0.1 Migrate to 6.1.0 HotFix or later 6.1.0 Cisco_FTD_Hotfix_EI-6.1.0.7-2.sh (all FTD hardware platforms except 41xx and 9300)\r\nCisco_FTD_SSP_Hotfix_EI-6.1.0.7-2.sh (41xx and 9300 FTD hardware platforms) 6.2.0 Not vulnerable 6.2.1 Migrate to 6.2.2.3 6.2.2 6.2.2.3 6.2.3 6.2.3.1\r\n6.2.3-851\r\n6.2.3-85.02\r\n1Software image for FTD Virtual for the Microsoft Azure Cloud\r\n2Software image for FTD Virtual for the AWS Cloud\r\n\r\nThe software is available for download from the Software Center [\"https://software.cisco.com/download/navigator.html\"] on Cisco.com by navigating to Products \u003e Security \u003e Firewalls \u003e Next-Generation Firewalls (NGFW), where there is a list of Cisco FTD hardware platforms.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "In September 2019, the Cisco Product Security Incident Response Team (PSIRT) became aware of additional attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed Cisco ASA Software release to remediate this vulnerability.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "Cisco would like to thank security researcher Michal Bentkowski from Securitum for reporting this vulnerability.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "Emergency Support:\r\n+1 877 228 7302 (toll-free within North America)\r\n+1 408 525 6532 (International direct-dial)\r\nNon-emergency Support:\r\nEmail: psirt@cisco.com\r\nSupport requests that are received via e-mail are typically acknowledged within 48 hours.",
"issuing_authority": "Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.\r\nMore information can be found in Cisco Security Vulnerability Policy available at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd"
},
{
"category": "external",
"summary": "Cisco Firepower Compatibility Guide",
"url": "https://www.cisco.com/c/en/us/td/docs/security/firepower/compatibility/firepower-compatibility.html#reference_070E1908889545BDB6CC564676202628"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
"url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
},
{
"category": "external",
"summary": "Cisco Security Advisories and Alerts page",
"url": "https://www.cisco.com/go/psirt"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
"url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
},
{
"category": "external",
"summary": "Software Center",
"url": "https://software.cisco.com/download/navigator.html"
},
{
"category": "external",
"summary": "Software Center",
"url": "https://software.cisco.com/download/navigator.html"
},
{
"category": "external",
"summary": "Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
}
],
"title": "Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability",
"tracking": {
"current_release_date": "2019-09-24T17:49:53+00:00",
"generator": {
"date": "2022-09-03T03:18:20+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-20180606-asaftd",
"initial_release_date": "2018-06-06T16:00:00+00:00",
"revision_history": [
{
"date": "2018-06-06T15:16:49+00:00",
"number": "1.0.0",
"summary": "Initial public release."
},
{
"date": "2018-06-22T17:44:00+00:00",
"number": "1.1.0",
"summary": "Updated the Exploitation and Public Announcements section with up-to-date exploitation information."
},
{
"date": "2018-10-05T15:28:40+00:00",
"number": "1.2.0",
"summary": "Corrected advisory metadata to remove unaffected version 6.2.0."
},
{
"date": "2019-03-06T16:27:22+00:00",
"number": "1.3.0",
"summary": "Updated the exploitation information in the Exploitation and Public Announcements section."
},
{
"date": "2019-09-24T17:49:53+00:00",
"number": "1.4.0",
"summary": "Changed the SIR value to Critical, added a note about upgrading to the Summary, and updated the exploitation information in the Exploitation and Public Announcements section."
}
],
"status": "final",
"version": "1.4.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "9.1.1",
"product": {
"name": "9.1.1",
"product_id": "CSAFPID-188867"
}
},
{
"category": "service_pack",
"name": "9.1.1.4",
"product": {
"name": "9.1.1.4",
"product_id": "CSAFPID-191211"
}
},
{
"category": "service_pack",
"name": "9.1.2",
"product": {
"name": "9.1.2",
"product_id": "CSAFPID-191212"
}
},
{
"category": "service_pack",
"name": "9.1.3",
"product": {
"name": "9.1.3",
"product_id": "CSAFPID-194998"
}
},
{
"category": "service_pack",
"name": "9.1.2.8",
"product": {
"name": "9.1.2.8",
"product_id": "CSAFPID-194999"
}
},
{
"category": "service_pack",
"name": "9.1.3.2",
"product": {
"name": "9.1.3.2",
"product_id": "CSAFPID-198551"
}
},
{
"category": "service_pack",
"name": "9.1.4",
"product": {
"name": "9.1.4",
"product_id": "CSAFPID-198552"
}
},
{
"category": "service_pack",
"name": "9.1.4.5",
"product": {
"name": "9.1.4.5",
"product_id": "CSAFPID-198553"
}
},
{
"category": "service_pack",
"name": "9.1.5",
"product": {
"name": "9.1.5",
"product_id": "CSAFPID-198554"
}
},
{
"category": "service_pack",
"name": "9.1.5.10",
"product": {
"name": "9.1.5.10",
"product_id": "CSAFPID-202941"
}
},
{
"category": "service_pack",
"name": "9.1.5.12",
"product": {
"name": "9.1.5.12",
"product_id": "CSAFPID-202942"
}
},
{
"category": "service_pack",
"name": "9.1.5.15",
"product": {
"name": "9.1.5.15",
"product_id": "CSAFPID-202943"
}
},
{
"category": "service_pack",
"name": "9.1.6",
"product": {
"name": "9.1.6",
"product_id": "CSAFPID-206218"
}
},
{
"category": "service_pack",
"name": "9.1.5.21",
"product": {
"name": "9.1.5.21",
"product_id": "CSAFPID-206491"
}
},
{
"category": "service_pack",
"name": "9.1.6.1",
"product": {
"name": "9.1.6.1",
"product_id": "CSAFPID-206492"
}
},
{
"category": "service_pack",
"name": "9.1.6.6",
"product": {
"name": "9.1.6.6",
"product_id": "CSAFPID-210983"
}
},
{
"category": "service_pack",
"name": "9.1.6.4",
"product": {
"name": "9.1.6.4",
"product_id": "CSAFPID-210988"
}
},
{
"category": "service_pack",
"name": "9.1.6.8",
"product": {
"name": "9.1.6.8",
"product_id": "CSAFPID-211051"
}
},
{
"category": "service_pack",
"name": "9.1.6.10",
"product": {
"name": "9.1.6.10",
"product_id": "CSAFPID-211059"
}
},
{
"category": "service_pack",
"name": "9.1.7.4",
"product": {
"name": "9.1.7.4",
"product_id": "CSAFPID-220448"
}
},
{
"category": "service_pack",
"name": "9.1.7.6",
"product": {
"name": "9.1.7.6",
"product_id": "CSAFPID-220996"
}
},
{
"category": "service_pack",
"name": "9.1.7.7",
"product": {
"name": "9.1.7.7",
"product_id": "CSAFPID-220997"
}
},
{
"category": "service_pack",
"name": "9.1.7.9",
"product": {
"name": "9.1.7.9",
"product_id": "CSAFPID-220998"
}
},
{
"category": "service_pack",
"name": "9.1.7.11",
"product": {
"name": "9.1.7.11",
"product_id": "CSAFPID-220999"
}
},
{
"category": "service_pack",
"name": "9.1.7.12",
"product": {
"name": "9.1.7.12",
"product_id": "CSAFPID-221000"
}
},
{
"category": "service_pack",
"name": "9.1.7.13",
"product": {
"name": "9.1.7.13",
"product_id": "CSAFPID-225987"
}
},
{
"category": "service_pack",
"name": "9.1.7.15",
"product": {
"name": "9.1.7.15",
"product_id": "CSAFPID-225988"
}
},
{
"category": "service_pack",
"name": "9.1.5.16",
"product": {
"name": "9.1.5.16",
"product_id": "CSAFPID-232601"
}
},
{
"category": "service_pack",
"name": "9.1.5.19",
"product": {
"name": "9.1.5.19",
"product_id": "CSAFPID-232602"
}
},
{
"category": "service_pack",
"name": "9.1.7.16",
"product": {
"name": "9.1.7.16",
"product_id": "CSAFPID-232603"
}
},
{
"category": "service_pack",
"name": "9.1.7.19",
"product": {
"name": "9.1.7.19",
"product_id": "CSAFPID-232604"
}
},
{
"category": "service_pack",
"name": "9.1.7",
"product": {
"name": "9.1.7",
"product_id": "CSAFPID-232615"
}
},
{
"category": "service_pack",
"name": "9.1.7.20",
"product": {
"name": "9.1.7.20",
"product_id": "CSAFPID-232915"
}
},
{
"category": "service_pack",
"name": "9.1.7.21",
"product": {
"name": "9.1.7.21",
"product_id": "CSAFPID-232916"
}
},
{
"category": "service_pack",
"name": "9.1.7.23",
"product": {
"name": "9.1.7.23",
"product_id": "CSAFPID-232917"
}
},
{
"category": "service_pack",
"name": "9.1.6.11",
"product": {
"name": "9.1.6.11",
"product_id": "CSAFPID-232918"
}
},
{
"category": "service_pack",
"name": "9.1.7.25",
"product": {
"name": "9.1.7.25",
"product_id": "CSAFPID-239001"
}
}
],
"category": "product_version",
"name": "9.1"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.2.1",
"product": {
"name": "9.2.1",
"product_id": "CSAFPID-202938"
}
},
{
"category": "service_pack",
"name": "9.2.2",
"product": {
"name": "9.2.2",
"product_id": "CSAFPID-202946"
}
},
{
"category": "service_pack",
"name": "9.2.2.4",
"product": {
"name": "9.2.2.4",
"product_id": "CSAFPID-202947"
}
},
{
"category": "service_pack",
"name": "9.2.2.7",
"product": {
"name": "9.2.2.7",
"product_id": "CSAFPID-202948"
}
},
{
"category": "service_pack",
"name": "9.2.3",
"product": {
"name": "9.2.3",
"product_id": "CSAFPID-202949"
}
},
{
"category": "service_pack",
"name": "9.2.2.8",
"product": {
"name": "9.2.2.8",
"product_id": "CSAFPID-204544"
}
},
{
"category": "service_pack",
"name": "9.2.3.3",
"product": {
"name": "9.2.3.3",
"product_id": "CSAFPID-206489"
}
},
{
"category": "service_pack",
"name": "9.2.3.4",
"product": {
"name": "9.2.3.4",
"product_id": "CSAFPID-206490"
}
},
{
"category": "service_pack",
"name": "9.2.0.0",
"product": {
"name": "9.2.0.0",
"product_id": "CSAFPID-207903"
}
},
{
"category": "service_pack",
"name": "9.2.0.104",
"product": {
"name": "9.2.0.104",
"product_id": "CSAFPID-207904"
}
},
{
"category": "service_pack",
"name": "9.2.3.1",
"product": {
"name": "9.2.3.1",
"product_id": "CSAFPID-207905"
}
},
{
"category": "service_pack",
"name": "9.2.4",
"product": {
"name": "9.2.4",
"product_id": "CSAFPID-210984"
}
},
{
"category": "service_pack",
"name": "9.2.4.2",
"product": {
"name": "9.2.4.2",
"product_id": "CSAFPID-212707"
}
},
{
"category": "service_pack",
"name": "9.2.4.4",
"product": {
"name": "9.2.4.4",
"product_id": "CSAFPID-212708"
}
},
{
"category": "service_pack",
"name": "9.2.4.8",
"product": {
"name": "9.2.4.8",
"product_id": "CSAFPID-221001"
}
},
{
"category": "service_pack",
"name": "9.2.4.10",
"product": {
"name": "9.2.4.10",
"product_id": "CSAFPID-221002"
}
},
{
"category": "service_pack",
"name": "9.2.4.13",
"product": {
"name": "9.2.4.13",
"product_id": "CSAFPID-221003"
}
},
{
"category": "service_pack",
"name": "9.2.4.14",
"product": {
"name": "9.2.4.14",
"product_id": "CSAFPID-221004"
}
},
{
"category": "service_pack",
"name": "9.2.4.16",
"product": {
"name": "9.2.4.16",
"product_id": "CSAFPID-221005"
}
},
{
"category": "service_pack",
"name": "9.2.4.17",
"product": {
"name": "9.2.4.17",
"product_id": "CSAFPID-221006"
}
},
{
"category": "service_pack",
"name": "9.2.4.18",
"product": {
"name": "9.2.4.18",
"product_id": "CSAFPID-224844"
}
},
{
"category": "service_pack",
"name": "9.2.4.19",
"product": {
"name": "9.2.4.19",
"product_id": "CSAFPID-224845"
}
},
{
"category": "service_pack",
"name": "9.2.4.5",
"product": {
"name": "9.2.4.5",
"product_id": "CSAFPID-232597"
}
},
{
"category": "service_pack",
"name": "9.2.4.20",
"product": {
"name": "9.2.4.20",
"product_id": "CSAFPID-232598"
}
},
{
"category": "service_pack",
"name": "9.2.4.22",
"product": {
"name": "9.2.4.22",
"product_id": "CSAFPID-232599"
}
},
{
"category": "service_pack",
"name": "9.2.4.24",
"product": {
"name": "9.2.4.24",
"product_id": "CSAFPID-232600"
}
},
{
"category": "service_pack",
"name": "9.2.4.25",
"product": {
"name": "9.2.4.25",
"product_id": "CSAFPID-232913"
}
},
{
"category": "service_pack",
"name": "9.2.4.27",
"product": {
"name": "9.2.4.27",
"product_id": "CSAFPID-232914"
}
},
{
"category": "service_pack",
"name": "9.2.4.28",
"product": {
"name": "9.2.4.28",
"product_id": "CSAFPID-239002"
}
}
],
"category": "product_version",
"name": "9.2"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.3.1",
"product": {
"name": "9.3.1",
"product_id": "CSAFPID-202940"
}
},
{
"category": "service_pack",
"name": "9.3.1.1",
"product": {
"name": "9.3.1.1",
"product_id": "CSAFPID-202944"
}
},
{
"category": "service_pack",
"name": "9.3.2",
"product": {
"name": "9.3.2",
"product_id": "CSAFPID-202945"
}
},
{
"category": "service_pack",
"name": "9.3.2.2",
"product": {
"name": "9.3.2.2",
"product_id": "CSAFPID-206487"
}
},
{
"category": "service_pack",
"name": "9.3.3",
"product": {
"name": "9.3.3",
"product_id": "CSAFPID-206488"
}
},
{
"category": "service_pack",
"name": "9.3.5",
"product": {
"name": "9.3.5",
"product_id": "CSAFPID-210985"
}
},
{
"category": "service_pack",
"name": "9.3.3.1",
"product": {
"name": "9.3.3.1",
"product_id": "CSAFPID-211050"
}
},
{
"category": "service_pack",
"name": "9.3.3.2",
"product": {
"name": "9.3.3.2",
"product_id": "CSAFPID-211057"
}
},
{
"category": "service_pack",
"name": "9.3.3.5",
"product": {
"name": "9.3.3.5",
"product_id": "CSAFPID-211058"
}
},
{
"category": "service_pack",
"name": "9.3.3.6",
"product": {
"name": "9.3.3.6",
"product_id": "CSAFPID-212706"
}
},
{
"category": "service_pack",
"name": "9.3.3.9",
"product": {
"name": "9.3.3.9",
"product_id": "CSAFPID-221007"
}
},
{
"category": "service_pack",
"name": "9.3.3.10",
"product": {
"name": "9.3.3.10",
"product_id": "CSAFPID-221008"
}
},
{
"category": "service_pack",
"name": "9.3.3.11",
"product": {
"name": "9.3.3.11",
"product_id": "CSAFPID-221009"
}
},
{
"category": "service_pack",
"name": "9.3.3.7",
"product": {
"name": "9.3.3.7",
"product_id": "CSAFPID-232596"
}
}
],
"category": "product_version",
"name": "9.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.4.1",
"product": {
"name": "9.4.1",
"product_id": "CSAFPID-206486"
}
},
{
"category": "service_pack",
"name": "9.4.0.115",
"product": {
"name": "9.4.0.115",
"product_id": "CSAFPID-207900"
}
},
{
"category": "service_pack",
"name": "9.4.1.1",
"product": {
"name": "9.4.1.1",
"product_id": "CSAFPID-208301"
}
},
{
"category": "service_pack",
"name": "9.4.2",
"product": {
"name": "9.4.2",
"product_id": "CSAFPID-210986"
}
},
{
"category": "service_pack",
"name": "9.4.1.5",
"product": {
"name": "9.4.1.5",
"product_id": "CSAFPID-211054"
}
},
{
"category": "service_pack",
"name": "9.4.1.3",
"product": {
"name": "9.4.1.3",
"product_id": "CSAFPID-211055"
}
},
{
"category": "service_pack",
"name": "9.4.1.2",
"product": {
"name": "9.4.1.2",
"product_id": "CSAFPID-211056"
}
},
{
"category": "service_pack",
"name": "9.4.2.3",
"product": {
"name": "9.4.2.3",
"product_id": "CSAFPID-212705"
}
},
{
"category": "service_pack",
"name": "9.4.3",
"product": {
"name": "9.4.3",
"product_id": "CSAFPID-221010"
}
},
{
"category": "service_pack",
"name": "9.4.3.3",
"product": {
"name": "9.4.3.3",
"product_id": "CSAFPID-221011"
}
},
{
"category": "service_pack",
"name": "9.4.3.4",
"product": {
"name": "9.4.3.4",
"product_id": "CSAFPID-221012"
}
},
{
"category": "service_pack",
"name": "9.4.3.6",
"product": {
"name": "9.4.3.6",
"product_id": "CSAFPID-221013"
}
},
{
"category": "service_pack",
"name": "9.4.3.8",
"product": {
"name": "9.4.3.8",
"product_id": "CSAFPID-221014"
}
},
{
"category": "service_pack",
"name": "9.4.3.11",
"product": {
"name": "9.4.3.11",
"product_id": "CSAFPID-221015"
}
},
{
"category": "service_pack",
"name": "9.4.3.12",
"product": {
"name": "9.4.3.12",
"product_id": "CSAFPID-221016"
}
},
{
"category": "service_pack",
"name": "9.4.4",
"product": {
"name": "9.4.4",
"product_id": "CSAFPID-221017"
}
},
{
"category": "service_pack",
"name": "9.4.4.2",
"product": {
"name": "9.4.4.2",
"product_id": "CSAFPID-224847"
}
},
{
"category": "service_pack",
"name": "9.4.4.5",
"product": {
"name": "9.4.4.5",
"product_id": "CSAFPID-231291"
}
},
{
"category": "service_pack",
"name": "9.4.4.6",
"product": {
"name": "9.4.4.6",
"product_id": "CSAFPID-231292"
}
},
{
"category": "service_pack",
"name": "9.4.4.8",
"product": {
"name": "9.4.4.8",
"product_id": "CSAFPID-231293"
}
},
{
"category": "service_pack",
"name": "9.4.4.10",
"product": {
"name": "9.4.4.10",
"product_id": "CSAFPID-231294"
}
},
{
"category": "service_pack",
"name": "9.4.4.12",
"product": {
"name": "9.4.4.12",
"product_id": "CSAFPID-231295"
}
},
{
"category": "service_pack",
"name": "9.4.4.13",
"product": {
"name": "9.4.4.13",
"product_id": "CSAFPID-231296"
}
},
{
"category": "service_pack",
"name": "9.4.4.14",
"product": {
"name": "9.4.4.14",
"product_id": "CSAFPID-231297"
}
},
{
"category": "service_pack",
"name": "9.4.2.6",
"product": {
"name": "9.4.2.6",
"product_id": "CSAFPID-232594"
}
},
{
"category": "service_pack",
"name": "9.4.2.11",
"product": {
"name": "9.4.2.11",
"product_id": "CSAFPID-232595"
}
},
{
"category": "service_pack",
"name": "9.4.4.16",
"product": {
"name": "9.4.4.16",
"product_id": "CSAFPID-232911"
}
},
{
"category": "service_pack",
"name": "9.4.1.13",
"product": {
"name": "9.4.1.13",
"product_id": "CSAFPID-232912"
}
},
{
"category": "service_pack",
"name": "9.4.4.17",
"product": {
"name": "9.4.4.17",
"product_id": "CSAFPID-235906"
}
}
],
"category": "product_version",
"name": "9.4"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.5.1",
"product": {
"name": "9.5.1",
"product_id": "CSAFPID-212614"
}
},
{
"category": "service_pack",
"name": "9.5.2",
"product": {
"name": "9.5.2",
"product_id": "CSAFPID-212704"
}
},
{
"category": "service_pack",
"name": "9.5.2.6",
"product": {
"name": "9.5.2.6",
"product_id": "CSAFPID-221018"
}
},
{
"category": "service_pack",
"name": "9.5.2.10",
"product": {
"name": "9.5.2.10",
"product_id": "CSAFPID-221019"
}
},
{
"category": "service_pack",
"name": "9.5.2.14",
"product": {
"name": "9.5.2.14",
"product_id": "CSAFPID-221020"
}
},
{
"category": "service_pack",
"name": "9.5.3",
"product": {
"name": "9.5.3",
"product_id": "CSAFPID-221021"
}
},
{
"category": "service_pack",
"name": "9.5.3.2",
"product": {
"name": "9.5.3.2",
"product_id": "CSAFPID-221022"
}
},
{
"category": "service_pack",
"name": "9.5.3.3",
"product": {
"name": "9.5.3.3",
"product_id": "CSAFPID-221023"
}
},
{
"category": "service_pack",
"name": "9.5.3.1",
"product": {
"name": "9.5.3.1",
"product_id": "CSAFPID-224849"
}
},
{
"category": "service_pack",
"name": "9.5.3.6",
"product": {
"name": "9.5.3.6",
"product_id": "CSAFPID-224850"
}
},
{
"category": "service_pack",
"name": "9.5.3.9",
"product": {
"name": "9.5.3.9",
"product_id": "CSAFPID-231298"
}
},
{
"category": "service_pack",
"name": "9.5.2.5",
"product": {
"name": "9.5.2.5",
"product_id": "CSAFPID-232593"
}
},
{
"category": "service_pack",
"name": "9.5.1.4",
"product": {
"name": "9.5.1.4",
"product_id": "CSAFPID-236039"
}
}
],
"category": "product_version",
"name": "9.5"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.6.0",
"product": {
"name": "9.6.0",
"product_id": "CSAFPID-220691"
}
},
{
"category": "service_pack",
"name": "9.6.1",
"product": {
"name": "9.6.1",
"product_id": "CSAFPID-220692"
}
},
{
"category": "service_pack",
"name": "9.6.1.3",
"product": {
"name": "9.6.1.3",
"product_id": "CSAFPID-221024"
}
},
{
"category": "service_pack",
"name": "9.6.1.5",
"product": {
"name": "9.6.1.5",
"product_id": "CSAFPID-221025"
}
},
{
"category": "service_pack",
"name": "9.6.1.10",
"product": {
"name": "9.6.1.10",
"product_id": "CSAFPID-221026"
}
},
{
"category": "service_pack",
"name": "9.6.2",
"product": {
"name": "9.6.2",
"product_id": "CSAFPID-221027"
}
},
{
"category": "service_pack",
"name": "9.6.2.1",
"product": {
"name": "9.6.2.1",
"product_id": "CSAFPID-221028"
}
},
{
"category": "service_pack",
"name": "9.6.2.2",
"product": {
"name": "9.6.2.2",
"product_id": "CSAFPID-221029"
}
},
{
"category": "service_pack",
"name": "9.6.2.3",
"product": {
"name": "9.6.2.3",
"product_id": "CSAFPID-221030"
}
},
{
"category": "service_pack",
"name": "9.6.2.7",
"product": {
"name": "9.6.2.7",
"product_id": "CSAFPID-224852"
}
},
{
"category": "service_pack",
"name": "9.6.2.8",
"product": {
"name": "9.6.2.8",
"product_id": "CSAFPID-224853"
}
},
{
"category": "service_pack",
"name": "9.6.2.9",
"product": {
"name": "9.6.2.9",
"product_id": "CSAFPID-224854"
}
},
{
"category": "service_pack",
"name": "9.6.3",
"product": {
"name": "9.6.3",
"product_id": "CSAFPID-224855"
}
},
{
"category": "service_pack",
"name": "9.6.3.1",
"product": {
"name": "9.6.3.1",
"product_id": "CSAFPID-224856"
}
},
{
"category": "service_pack",
"name": "9.6.2.11",
"product": {
"name": "9.6.2.11",
"product_id": "CSAFPID-225986"
}
},
{
"category": "service_pack",
"name": "9.6.3.3",
"product": {
"name": "9.6.3.3",
"product_id": "CSAFPID-231299"
}
},
{
"category": "service_pack",
"name": "9.6.3.8",
"product": {
"name": "9.6.3.8",
"product_id": "CSAFPID-231300"
}
},
{
"category": "service_pack",
"name": "9.6.3.9",
"product": {
"name": "9.6.3.9",
"product_id": "CSAFPID-231301"
}
},
{
"category": "service_pack",
"name": "9.6.3.11",
"product": {
"name": "9.6.3.11",
"product_id": "CSAFPID-231302"
}
},
{
"category": "service_pack",
"name": "9.6.3.12",
"product": {
"name": "9.6.3.12",
"product_id": "CSAFPID-231303"
}
},
{
"category": "service_pack",
"name": "9.6.3.14",
"product": {
"name": "9.6.3.14",
"product_id": "CSAFPID-231304"
}
},
{
"category": "service_pack",
"name": "9.6.3.17",
"product": {
"name": "9.6.3.17",
"product_id": "CSAFPID-231305"
}
},
{
"category": "service_pack",
"name": "9.63.20",
"product": {
"name": "9.63.20",
"product_id": "CSAFPID-232890"
}
},
{
"category": "service_pack",
"name": "9.62.22",
"product": {
"name": "9.62.22",
"product_id": "CSAFPID-232891"
}
},
{
"category": "service_pack",
"name": "9.62.23",
"product": {
"name": "9.62.23",
"product_id": "CSAFPID-232892"
}
},
{
"category": "service_pack",
"name": "9.6.4.3",
"product": {
"name": "9.6.4.3",
"product_id": "CSAFPID-232907"
}
},
{
"category": "service_pack",
"name": "9.6.3.20",
"product": {
"name": "9.6.3.20",
"product_id": "CSAFPID-232908"
}
},
{
"category": "service_pack",
"name": "9.6.2.22",
"product": {
"name": "9.6.2.22",
"product_id": "CSAFPID-232909"
}
},
{
"category": "service_pack",
"name": "9.6.2.23",
"product": {
"name": "9.6.2.23",
"product_id": "CSAFPID-232910"
}
},
{
"category": "service_pack",
"name": "9.6.4",
"product": {
"name": "9.6.4",
"product_id": "CSAFPID-233267"
}
},
{
"category": "service_pack",
"name": "9.6.2.13",
"product": {
"name": "9.6.2.13",
"product_id": "CSAFPID-235907"
}
},
{
"category": "service_pack",
"name": "9.6.4.5",
"product": {
"name": "9.6.4.5",
"product_id": "CSAFPID-235908"
}
},
{
"category": "service_pack",
"name": "9.6.4.6",
"product": {
"name": "9.6.4.6",
"product_id": "CSAFPID-239003"
}
}
],
"category": "product_version",
"name": "9.6"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.7.1",
"product": {
"name": "9.7.1",
"product_id": "CSAFPID-221032"
}
},
{
"category": "service_pack",
"name": "9.7.1.1",
"product": {
"name": "9.7.1.1",
"product_id": "CSAFPID-224857"
}
},
{
"category": "service_pack",
"name": "9.7.1.2",
"product": {
"name": "9.7.1.2",
"product_id": "CSAFPID-224858"
}
},
{
"category": "service_pack",
"name": "9.7.1.4",
"product": {
"name": "9.7.1.4",
"product_id": "CSAFPID-232590"
}
},
{
"category": "service_pack",
"name": "9.7.1.8",
"product": {
"name": "9.7.1.8",
"product_id": "CSAFPID-232591"
}
},
{
"category": "service_pack",
"name": "9.7.1.15",
"product": {
"name": "9.7.1.15",
"product_id": "CSAFPID-232592"
}
},
{
"category": "service_pack",
"name": "9.7.1.16",
"product": {
"name": "9.7.1.16",
"product_id": "CSAFPID-232903"
}
},
{
"category": "service_pack",
"name": "9.7.1.19",
"product": {
"name": "9.7.1.19",
"product_id": "CSAFPID-232904"
}
},
{
"category": "service_pack",
"name": "9.7.1.20",
"product": {
"name": "9.7.1.20",
"product_id": "CSAFPID-232905"
}
},
{
"category": "service_pack",
"name": "9.7.1.21",
"product": {
"name": "9.7.1.21",
"product_id": "CSAFPID-232906"
}
},
{
"category": "service_pack",
"name": "9.7.1.23",
"product": {
"name": "9.7.1.23",
"product_id": "CSAFPID-239004"
}
}
],
"category": "product_version",
"name": "9.7"
},
{
"branches": [
{
"category": "service_pack",
"name": "9.8.1",
"product": {
"name": "9.8.1",
"product_id": "CSAFPID-232585"
}
},
{
"category": "service_pack",
"name": "9.8.1.5",
"product": {
"name": "9.8.1.5",
"product_id": "CSAFPID-232586"
}
},
{
"category": "service_pack",
"name": "9.8.1.7",
"product": {
"name": "9.8.1.7",
"product_id": "CSAFPID-232587"
}
},
{
"category": "service_pack",
"name": "9.8.2",
"product": {
"name": "9.8.2",
"product_id": "CSAFPID-232588"
}
},
{
"category": "service_pack",
"name": "9.8.2.8",
"product": {
"name": "9.8.2.8",
"product_id": "CSAFPID-232589"
}
},
{
"category": "service_pack",
"name": "9.8.2.10",
"product": {
"name": "9.8.2.10",
"product_id": "CSAFPID-232895"
}
},
{
"category": "service_pack",
"name": "9.8.2.11",
"product": {
"name": "9.8.2.11",
"product_id": "CSAFPID-232896"
}
},
{
"category": "service_pack",
"name": "9.8.2.14",
"product": {
"name": "9.8.2.14",
"product_id": "CSAFPID-232897"
}
},
{
"category": "service_pack",
"name": "9.8.2.15",
"product": {
"name": "9.8.2.15",
"product_id": "CSAFPID-232898"
}
},
{
"category": "service_pack",
"name": "9.8.2.17",
"product": {
"name": "9.8.2.17",
"product_id": "CSAFPID-232899"
}
},
{
"category": "service_pack",
"name": "9.8.2.18",
"product": {
"name": "9.8.2.18",
"product_id": "CSAFPID-232900"
}
},
{
"category": "service_pack",
"name": "9.8.2.19",
"product": {
"name": "9.8.2.19",
"product_id": "CSAFPID-232901"
}
},
{
"category": "service_pack",
"name": "9.8.2.20",
"product": {
"name": "9.8.2.20",
"product_id": "CSAFPID-232902"
}
},
{
"category": "service_pack",
"name": "9.8.2.3",
"product": {
"name": "9.8.2.3",
"product_id": "CSAFPID-235915"
}
},
{
"category": "service_pack",
"name": "9.8.2.24",
"product": {
"name": "9.8.2.24",
"product_id": "CSAFPID-239005"
}
},
{
"category": "service_pack",
"name": "9.8.2.26",
"product": {
"name": "9.8.2.26",
"product_id": "CSAFPID-239006"
}
}
],
"category": "product_version",
"name": "9.8"
},
{
"branches": [
{
"category": "service_pack",
"name": "Base",
"product": {
"name": "Base",
"product_id": "CSAFPID-232875"
}
},
{
"category": "service_pack",
"name": "9.9.1",
"product": {
"name": "9.9.1",
"product_id": "CSAFPID-232894"
}
},
{
"category": "service_pack",
"name": "9.9.1.2",
"product": {
"name": "9.9.1.2",
"product_id": "CSAFPID-235910"
}
},
{
"category": "service_pack",
"name": "9.9.1.3",
"product": {
"name": "9.9.1.3",
"product_id": "CSAFPID-235911"
}
},
{
"category": "service_pack",
"name": "9.9.2",
"product": {
"name": "9.9.2",
"product_id": "CSAFPID-235912"
}
},
{
"category": "service_pack",
"name": "9.9.2.1",
"product": {
"name": "9.9.2.1",
"product_id": "CSAFPID-235913"
}
},
{
"category": "service_pack",
"name": "9.9.1.4",
"product": {
"name": "9.9.1.4",
"product_id": "CSAFPID-235914"
}
}
],
"category": "product_version",
"name": "9.9"
}
],
"category": "product_family",
"name": "Cisco Adaptive Security Appliance (ASA) Software"
},
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "6.0.0",
"product": {
"name": "6.0.0",
"product_id": "CSAFPID-220205"
}
},
{
"category": "service_pack",
"name": "6.0.1",
"product": {
"name": "6.0.1",
"product_id": "CSAFPID-220206"
}
},
{
"category": "service_pack",
"name": "6.0.1.3",
"product": {
"name": "6.0.1.3",
"product_id": "CSAFPID-227125"
}
},
{
"category": "service_pack",
"name": "6.0.1.1",
"product": {
"name": "6.0.1.1",
"product_id": "CSAFPID-232931"
}
},
{
"category": "service_pack",
"name": "6.0.1.2",
"product": {
"name": "6.0.1.2",
"product_id": "CSAFPID-232932"
}
},
{
"category": "service_pack",
"name": "6.0.1.4",
"product": {
"name": "6.0.1.4",
"product_id": "CSAFPID-232933"
}
}
],
"category": "product_version",
"name": "6.0"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.1.0",
"product": {
"name": "6.1.0",
"product_id": "CSAFPID-223033"
}
},
{
"category": "service_pack",
"name": "6.1.0.2",
"product": {
"name": "6.1.0.2",
"product_id": "CSAFPID-226358"
}
},
{
"category": "service_pack",
"name": "6.1.0.1",
"product": {
"name": "6.1.0.1",
"product_id": "CSAFPID-232920"
}
},
{
"category": "service_pack",
"name": "6.1.0.3",
"product": {
"name": "6.1.0.3",
"product_id": "CSAFPID-232921"
}
},
{
"category": "service_pack",
"name": "6.1.0.4",
"product": {
"name": "6.1.0.4",
"product_id": "CSAFPID-232922"
}
},
{
"category": "service_pack",
"name": "6.1.0.5",
"product": {
"name": "6.1.0.5",
"product_id": "CSAFPID-232923"
}
},
{
"category": "service_pack",
"name": "6.1.0.6",
"product": {
"name": "6.1.0.6",
"product_id": "CSAFPID-232924"
}
}
],
"category": "product_version",
"name": "6.1"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.2.1",
"product": {
"name": "6.2.1",
"product_id": "CSAFPID-226359"
}
},
{
"category": "service_pack",
"name": "6.2.2",
"product": {
"name": "6.2.2",
"product_id": "CSAFPID-226360"
}
},
{
"category": "service_pack",
"name": "6.2.2.1",
"product": {
"name": "6.2.2.1",
"product_id": "CSAFPID-232929"
}
},
{
"category": "service_pack",
"name": "6.2.2.2",
"product": {
"name": "6.2.2.2",
"product_id": "CSAFPID-232930"
}
},
{
"category": "service_pack",
"name": "6.2.3",
"product": {
"name": "6.2.3",
"product_id": "CSAFPID-233334"
}
}
],
"category": "product_version",
"name": "6.2"
}
],
"category": "product_family",
"name": "Cisco Firepower Threat Defense Software"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-0296",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvi16029"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-188867",
"CSAFPID-191211",
"CSAFPID-191212",
"CSAFPID-194998",
"CSAFPID-194999",
"CSAFPID-198551",
"CSAFPID-198552",
"CSAFPID-198553",
"CSAFPID-198554",
"CSAFPID-202938",
"CSAFPID-202940",
"CSAFPID-202941",
"CSAFPID-202942",
"CSAFPID-202943",
"CSAFPID-202944",
"CSAFPID-202945",
"CSAFPID-202946",
"CSAFPID-202947",
"CSAFPID-202948",
"CSAFPID-202949",
"CSAFPID-204544",
"CSAFPID-206218",
"CSAFPID-206486",
"CSAFPID-206487",
"CSAFPID-206488",
"CSAFPID-206489",
"CSAFPID-206490",
"CSAFPID-206491",
"CSAFPID-206492",
"CSAFPID-207900",
"CSAFPID-207903",
"CSAFPID-207904",
"CSAFPID-207905",
"CSAFPID-208301",
"CSAFPID-210983",
"CSAFPID-210984",
"CSAFPID-210985",
"CSAFPID-210986",
"CSAFPID-210988",
"CSAFPID-211050",
"CSAFPID-211051",
"CSAFPID-211054",
"CSAFPID-211055",
"CSAFPID-211056",
"CSAFPID-211057",
"CSAFPID-211058",
"CSAFPID-211059",
"CSAFPID-212614",
"CSAFPID-212704",
"CSAFPID-212705",
"CSAFPID-212706",
"CSAFPID-212707",
"CSAFPID-212708",
"CSAFPID-220448",
"CSAFPID-220691",
"CSAFPID-220692",
"CSAFPID-220996",
"CSAFPID-220997",
"CSAFPID-220998",
"CSAFPID-220999",
"CSAFPID-221000",
"CSAFPID-221001",
"CSAFPID-221002",
"CSAFPID-221003",
"CSAFPID-221004",
"CSAFPID-221005",
"CSAFPID-221006",
"CSAFPID-221007",
"CSAFPID-221008",
"CSAFPID-221009",
"CSAFPID-221010",
"CSAFPID-221011",
"CSAFPID-221012",
"CSAFPID-221013",
"CSAFPID-221014",
"CSAFPID-221015",
"CSAFPID-221016",
"CSAFPID-221017",
"CSAFPID-221018",
"CSAFPID-221019",
"CSAFPID-221020",
"CSAFPID-221021",
"CSAFPID-221022",
"CSAFPID-221023",
"CSAFPID-221024",
"CSAFPID-221025",
"CSAFPID-221026",
"CSAFPID-221027",
"CSAFPID-221028",
"CSAFPID-221029",
"CSAFPID-221030",
"CSAFPID-221032",
"CSAFPID-224844",
"CSAFPID-224845",
"CSAFPID-224847",
"CSAFPID-224849",
"CSAFPID-224850",
"CSAFPID-224852",
"CSAFPID-224853",
"CSAFPID-224854",
"CSAFPID-224855",
"CSAFPID-224856",
"CSAFPID-224857",
"CSAFPID-224858",
"CSAFPID-225986",
"CSAFPID-225987",
"CSAFPID-225988",
"CSAFPID-231291",
"CSAFPID-231292",
"CSAFPID-231293",
"CSAFPID-231294",
"CSAFPID-231295",
"CSAFPID-231296",
"CSAFPID-231297",
"CSAFPID-231298",
"CSAFPID-231299",
"CSAFPID-231300",
"CSAFPID-231301",
"CSAFPID-231302",
"CSAFPID-231303",
"CSAFPID-231304",
"CSAFPID-231305",
"CSAFPID-232585",
"CSAFPID-232586",
"CSAFPID-232587",
"CSAFPID-232588",
"CSAFPID-232589",
"CSAFPID-232590",
"CSAFPID-232591",
"CSAFPID-232592",
"CSAFPID-232593",
"CSAFPID-232594",
"CSAFPID-232595",
"CSAFPID-232596",
"CSAFPID-232597",
"CSAFPID-232598",
"CSAFPID-232599",
"CSAFPID-232600",
"CSAFPID-232601",
"CSAFPID-232602",
"CSAFPID-232603",
"CSAFPID-232604",
"CSAFPID-232615",
"CSAFPID-232875",
"CSAFPID-232890",
"CSAFPID-232891",
"CSAFPID-232892",
"CSAFPID-232894",
"CSAFPID-232895",
"CSAFPID-232896",
"CSAFPID-232897",
"CSAFPID-232898",
"CSAFPID-232899",
"CSAFPID-232900",
"CSAFPID-232901",
"CSAFPID-232902",
"CSAFPID-232903",
"CSAFPID-232904",
"CSAFPID-232905",
"CSAFPID-232906",
"CSAFPID-232907",
"CSAFPID-232908",
"CSAFPID-232909",
"CSAFPID-232910",
"CSAFPID-232911",
"CSAFPID-232912",
"CSAFPID-232913",
"CSAFPID-232914",
"CSAFPID-232915",
"CSAFPID-232916",
"CSAFPID-232917",
"CSAFPID-232918",
"CSAFPID-233267",
"CSAFPID-235906",
"CSAFPID-235907",
"CSAFPID-235908",
"CSAFPID-235910",
"CSAFPID-235911",
"CSAFPID-235912",
"CSAFPID-235913",
"CSAFPID-235914",
"CSAFPID-235915",
"CSAFPID-236039",
"CSAFPID-239001",
"CSAFPID-239002",
"CSAFPID-239003",
"CSAFPID-239004",
"CSAFPID-239005",
"CSAFPID-239006",
"CSAFPID-220205",
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334"
]
},
"release_date": "2018-06-06T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-220205",
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-188867",
"CSAFPID-191211",
"CSAFPID-191212",
"CSAFPID-194998",
"CSAFPID-194999",
"CSAFPID-198551",
"CSAFPID-198552",
"CSAFPID-198553",
"CSAFPID-198554",
"CSAFPID-202938",
"CSAFPID-202940",
"CSAFPID-202941",
"CSAFPID-202942",
"CSAFPID-202943",
"CSAFPID-202944",
"CSAFPID-202945",
"CSAFPID-202946",
"CSAFPID-202947",
"CSAFPID-202948",
"CSAFPID-202949",
"CSAFPID-204544",
"CSAFPID-206218",
"CSAFPID-206486",
"CSAFPID-206487",
"CSAFPID-206488",
"CSAFPID-206489",
"CSAFPID-206490",
"CSAFPID-206491",
"CSAFPID-206492",
"CSAFPID-207900",
"CSAFPID-207903",
"CSAFPID-207904",
"CSAFPID-207905",
"CSAFPID-208301",
"CSAFPID-210983",
"CSAFPID-210984",
"CSAFPID-210985",
"CSAFPID-210986",
"CSAFPID-210988",
"CSAFPID-211050",
"CSAFPID-211051",
"CSAFPID-211054",
"CSAFPID-211055",
"CSAFPID-211056",
"CSAFPID-211057",
"CSAFPID-211058",
"CSAFPID-211059",
"CSAFPID-212614",
"CSAFPID-212704",
"CSAFPID-212705",
"CSAFPID-212706",
"CSAFPID-212707",
"CSAFPID-212708",
"CSAFPID-220448",
"CSAFPID-220691",
"CSAFPID-220692",
"CSAFPID-220996",
"CSAFPID-220997",
"CSAFPID-220998",
"CSAFPID-220999",
"CSAFPID-221000",
"CSAFPID-221001",
"CSAFPID-221002",
"CSAFPID-221003",
"CSAFPID-221004",
"CSAFPID-221005",
"CSAFPID-221006",
"CSAFPID-221007",
"CSAFPID-221008",
"CSAFPID-221009",
"CSAFPID-221010",
"CSAFPID-221011",
"CSAFPID-221012",
"CSAFPID-221013",
"CSAFPID-221014",
"CSAFPID-221015",
"CSAFPID-221016",
"CSAFPID-221017",
"CSAFPID-221018",
"CSAFPID-221019",
"CSAFPID-221020",
"CSAFPID-221021",
"CSAFPID-221022",
"CSAFPID-221023",
"CSAFPID-221024",
"CSAFPID-221025",
"CSAFPID-221026",
"CSAFPID-221027",
"CSAFPID-221028",
"CSAFPID-221029",
"CSAFPID-221030",
"CSAFPID-221032",
"CSAFPID-224844",
"CSAFPID-224845",
"CSAFPID-224847",
"CSAFPID-224849",
"CSAFPID-224850",
"CSAFPID-224852",
"CSAFPID-224853",
"CSAFPID-224854",
"CSAFPID-224855",
"CSAFPID-224856",
"CSAFPID-224857",
"CSAFPID-224858",
"CSAFPID-225986",
"CSAFPID-225987",
"CSAFPID-225988",
"CSAFPID-231291",
"CSAFPID-231292",
"CSAFPID-231293",
"CSAFPID-231294",
"CSAFPID-231295",
"CSAFPID-231296",
"CSAFPID-231297",
"CSAFPID-231298",
"CSAFPID-231299",
"CSAFPID-231300",
"CSAFPID-231301",
"CSAFPID-231302",
"CSAFPID-231303",
"CSAFPID-231304",
"CSAFPID-231305",
"CSAFPID-232585",
"CSAFPID-232586",
"CSAFPID-232587",
"CSAFPID-232588",
"CSAFPID-232589",
"CSAFPID-232590",
"CSAFPID-232591",
"CSAFPID-232592",
"CSAFPID-232593",
"CSAFPID-232594",
"CSAFPID-232595",
"CSAFPID-232596",
"CSAFPID-232597",
"CSAFPID-232598",
"CSAFPID-232599",
"CSAFPID-232600",
"CSAFPID-232601",
"CSAFPID-232602",
"CSAFPID-232603",
"CSAFPID-232604",
"CSAFPID-232615",
"CSAFPID-232875",
"CSAFPID-232890",
"CSAFPID-232891",
"CSAFPID-232892",
"CSAFPID-232894",
"CSAFPID-232895",
"CSAFPID-232896",
"CSAFPID-232897",
"CSAFPID-232898",
"CSAFPID-232899",
"CSAFPID-232900",
"CSAFPID-232901",
"CSAFPID-232902",
"CSAFPID-232903",
"CSAFPID-232904",
"CSAFPID-232905",
"CSAFPID-232906",
"CSAFPID-232907",
"CSAFPID-232908",
"CSAFPID-232909",
"CSAFPID-232910",
"CSAFPID-232911",
"CSAFPID-232912",
"CSAFPID-232913",
"CSAFPID-232914",
"CSAFPID-232915",
"CSAFPID-232916",
"CSAFPID-232917",
"CSAFPID-232918",
"CSAFPID-233267",
"CSAFPID-235906",
"CSAFPID-235907",
"CSAFPID-235908",
"CSAFPID-235910",
"CSAFPID-235911",
"CSAFPID-235912",
"CSAFPID-235913",
"CSAFPID-235914",
"CSAFPID-235915",
"CSAFPID-236039",
"CSAFPID-239001",
"CSAFPID-239002",
"CSAFPID-239003",
"CSAFPID-239004",
"CSAFPID-239005",
"CSAFPID-239006"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-188867",
"CSAFPID-191211",
"CSAFPID-191212",
"CSAFPID-194998",
"CSAFPID-194999",
"CSAFPID-198551",
"CSAFPID-198552",
"CSAFPID-198553",
"CSAFPID-198554",
"CSAFPID-202938",
"CSAFPID-202940",
"CSAFPID-202941",
"CSAFPID-202942",
"CSAFPID-202943",
"CSAFPID-202944",
"CSAFPID-202945",
"CSAFPID-202946",
"CSAFPID-202947",
"CSAFPID-202948",
"CSAFPID-202949",
"CSAFPID-204544",
"CSAFPID-206218",
"CSAFPID-206486",
"CSAFPID-206487",
"CSAFPID-206488",
"CSAFPID-206489",
"CSAFPID-206490",
"CSAFPID-206491",
"CSAFPID-206492",
"CSAFPID-207900",
"CSAFPID-207903",
"CSAFPID-207904",
"CSAFPID-207905",
"CSAFPID-208301",
"CSAFPID-210983",
"CSAFPID-210984",
"CSAFPID-210985",
"CSAFPID-210986",
"CSAFPID-210988",
"CSAFPID-211050",
"CSAFPID-211051",
"CSAFPID-211054",
"CSAFPID-211055",
"CSAFPID-211056",
"CSAFPID-211057",
"CSAFPID-211058",
"CSAFPID-211059",
"CSAFPID-212614",
"CSAFPID-212704",
"CSAFPID-212705",
"CSAFPID-212706",
"CSAFPID-212707",
"CSAFPID-212708",
"CSAFPID-220448",
"CSAFPID-220691",
"CSAFPID-220692",
"CSAFPID-220996",
"CSAFPID-220997",
"CSAFPID-220998",
"CSAFPID-220999",
"CSAFPID-221000",
"CSAFPID-221001",
"CSAFPID-221002",
"CSAFPID-221003",
"CSAFPID-221004",
"CSAFPID-221005",
"CSAFPID-221006",
"CSAFPID-221007",
"CSAFPID-221008",
"CSAFPID-221009",
"CSAFPID-221010",
"CSAFPID-221011",
"CSAFPID-221012",
"CSAFPID-221013",
"CSAFPID-221014",
"CSAFPID-221015",
"CSAFPID-221016",
"CSAFPID-221017",
"CSAFPID-221018",
"CSAFPID-221019",
"CSAFPID-221020",
"CSAFPID-221021",
"CSAFPID-221022",
"CSAFPID-221023",
"CSAFPID-221024",
"CSAFPID-221025",
"CSAFPID-221026",
"CSAFPID-221027",
"CSAFPID-221028",
"CSAFPID-221029",
"CSAFPID-221030",
"CSAFPID-221032",
"CSAFPID-224844",
"CSAFPID-224845",
"CSAFPID-224847",
"CSAFPID-224849",
"CSAFPID-224850",
"CSAFPID-224852",
"CSAFPID-224853",
"CSAFPID-224854",
"CSAFPID-224855",
"CSAFPID-224856",
"CSAFPID-224857",
"CSAFPID-224858",
"CSAFPID-225986",
"CSAFPID-225987",
"CSAFPID-225988",
"CSAFPID-231291",
"CSAFPID-231292",
"CSAFPID-231293",
"CSAFPID-231294",
"CSAFPID-231295",
"CSAFPID-231296",
"CSAFPID-231297",
"CSAFPID-231298",
"CSAFPID-231299",
"CSAFPID-231300",
"CSAFPID-231301",
"CSAFPID-231302",
"CSAFPID-231303",
"CSAFPID-231304",
"CSAFPID-231305",
"CSAFPID-232585",
"CSAFPID-232586",
"CSAFPID-232587",
"CSAFPID-232588",
"CSAFPID-232589",
"CSAFPID-232590",
"CSAFPID-232591",
"CSAFPID-232592",
"CSAFPID-232593",
"CSAFPID-232594",
"CSAFPID-232595",
"CSAFPID-232596",
"CSAFPID-232597",
"CSAFPID-232598",
"CSAFPID-232599",
"CSAFPID-232600",
"CSAFPID-232601",
"CSAFPID-232602",
"CSAFPID-232603",
"CSAFPID-232604",
"CSAFPID-232615",
"CSAFPID-232875",
"CSAFPID-232890",
"CSAFPID-232891",
"CSAFPID-232892",
"CSAFPID-232894",
"CSAFPID-232895",
"CSAFPID-232896",
"CSAFPID-232897",
"CSAFPID-232898",
"CSAFPID-232899",
"CSAFPID-232900",
"CSAFPID-232901",
"CSAFPID-232902",
"CSAFPID-232903",
"CSAFPID-232904",
"CSAFPID-232905",
"CSAFPID-232906",
"CSAFPID-232907",
"CSAFPID-232908",
"CSAFPID-232909",
"CSAFPID-232910",
"CSAFPID-232911",
"CSAFPID-232912",
"CSAFPID-232913",
"CSAFPID-232914",
"CSAFPID-232915",
"CSAFPID-232916",
"CSAFPID-232917",
"CSAFPID-232918",
"CSAFPID-233267",
"CSAFPID-235906",
"CSAFPID-235907",
"CSAFPID-235908",
"CSAFPID-235910",
"CSAFPID-235911",
"CSAFPID-235912",
"CSAFPID-235913",
"CSAFPID-235914",
"CSAFPID-235915",
"CSAFPID-236039",
"CSAFPID-239001",
"CSAFPID-239002",
"CSAFPID-239003",
"CSAFPID-239004",
"CSAFPID-239005",
"CSAFPID-239006"
]
}
],
"title": "Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability"
}
]
}
var-201806-1026
Vulnerability from variot
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. Vendors have confirmed this vulnerability Bug ID CSCvi16029 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. ASASoftware and FirepowerThreatDefense (FTD) Software are operating systems that run on different devices
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.2.3.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.2.3-85.02"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.2.3-851"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.7"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.2.4.33"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.9.2.1"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.5"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.6.4.8"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.4.4.18"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.2.3"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.9"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "8.1\\(2.5\\)"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.7.1.24"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8.2.28"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1.7.29"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1.0"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "9.9"
},
{
"model": "adaptive security appliance software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa series next-generation firewalls",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5500-x"
},
{
"model": "adaptive security virtual appliance",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "firepower asa security module",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9300"
},
{
"model": "asa cloud firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1000v"
},
{
"model": "asa series adaptive security appliances",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5500"
},
{
"model": "firepower series security appliances",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4100"
},
{
"model": "series industrial security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3000"
},
{
"model": "firepower series security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "2100"
},
{
"model": "ftd virtual",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "asa services module for cisco catalyst series switches and cisco series routers",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "65007600"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.2.2"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.9\\(1\\)"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0.0"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.9\\(2\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.8\\(2\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.3(8)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(3.4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.12)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14.7"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(3.9)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(2.5)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(2.10)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.27"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.12"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(4.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.13"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(0.104)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5(1.4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.13.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(7)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.1(11)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(4.13)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.4.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.4(6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.2.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.515"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.21)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(1.4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.3.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(2.10)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.32)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.3.7"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1.8)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(1.50)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(4.5)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.20"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.45"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1.7)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.13)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(3.10)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.42)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.2.9"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.6"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.3.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(2.8)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.39)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(4.11)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.2"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.0.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(0.0)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7.17"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(3)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(3)"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7.1.24"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.34"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.3(1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(7.16)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(3.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(3.4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.2.10"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.2.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.12.10"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.4.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.13.6"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(7.13)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.38)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.15"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4(3.6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1.4.5"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.4.33"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.4.14"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.2.6"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.9.2.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(3.11)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14.20"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.(3.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.4(3)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(2)8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.7)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1.4"
},
{
"model": "asa series adaptive security appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "55000"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(4.3)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(3.8)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(3)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4(2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(6.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(6.2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.(0.115)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.3.9"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.12.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(4.5)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4(1.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5(3)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(6.9)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.3.20"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(2.6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.1.4.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.1.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.26"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.3.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.3.17"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(3.3)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.3.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(3.8)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1.5"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(1.5)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(0.99)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.12"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.11"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.3(10)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.3.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(1.105)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(7.7)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7(19)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(3.2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.24"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.4.6"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.13"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(4.6)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.0.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.29"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(3.6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4(40)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(1.1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4(2.6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.512"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.8)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.4.13"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.3.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5.2.7"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.1.4.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(4.8)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14.24"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.3.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4(2.4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.4.6"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7(9)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.3.6"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5(2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.33)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.13.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.14.5"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.7"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.1.3.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5(2.6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.11.4"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(7.6)"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.4.18"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(3.1)"
},
{
"model": "firepower threat defense software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(3.7)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(2.243)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.14.17"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(5.106)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(2.99)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.5(2.2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(1.2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4(4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.510"
},
{
"model": "firepower threat defense software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.2.3"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.4.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.5.21"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7.20"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(4.29)"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.8.2.28"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1(2)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.24"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2(2.4)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(2.100)"
},
{
"model": "adaptive security appliance software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7.29"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6.2.21"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(1)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0(2.6)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.7(16)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.2.8"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1.1.3.2"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0.4.17"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.2.4(14)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "BID",
"id": "104612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1\\(2.5\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.1.7.29",
"versionStartIncluding": "9.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.2.4.33",
"versionStartIncluding": "9.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.4.4.18",
"versionStartIncluding": "9.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.6.4.8",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.8.2.28",
"versionStartIncluding": "9.8",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.9.2.1",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.7.1.24",
"versionStartIncluding": "9.7",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.1.0",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.2.3",
"versionStartIncluding": "6.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-851:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3-85.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0296"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "security researcher Michal Bentkowski from Securitum .,Angelo Ruwantha",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
],
"trust": 0.6
},
"cve": "CVE-2018-0296",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-0296",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-11320",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-118498",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-0296",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-0296",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-11320",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201806-401",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-118498",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-0296",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "VULMON",
"id": "CVE-2018-0296"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. Vendors have confirmed this vulnerability Bug ID CSCvi16029 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. ASASoftware and FirepowerThreatDefense (FTD) Software are operating systems that run on different devices",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "VULMON",
"id": "CVE-2018-0296"
}
],
"trust": 2.34
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=47220",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-118498",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "VULMON",
"id": "CVE-2018-0296"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-0296",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-18-184-01",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "44956",
"trust": 2.6
},
{
"db": "BID",
"id": "104612",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "154017",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1041076",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201806-401",
"trust": 0.7
},
{
"db": "EXPLOITDB",
"id": "44956",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2018-11320",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "47220",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "148365",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "148658",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-97368",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-118498",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-0296",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "VULMON",
"id": "CVE-2018-0296"
},
{
"db": "BID",
"id": "104612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"id": "VAR-201806-1026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULHUB",
"id": "VHN-118498"
}
],
"trust": 1.4485330233333333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
}
]
},
"last_update_date": "2023-12-18T12:28:54.659000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20180606-asaftd",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-asaftd"
},
{
"title": "Several Cisco products ASASoftware and FirepowerThreatDefenseSoftware enter patches for verification vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/131753"
},
{
"title": "Cisco: Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20180606-asaftd"
},
{
"title": "CVE-2018-0296",
"trust": 0.1,
"url": "https://github.com/qiantu88/cve-2018-0296 "
},
{
"title": "CVE-2018-0296",
"trust": 0.1,
"url": "https://github.com/milo2012/cve-2018-0296 "
},
{
"title": "CVE-2018-0296",
"trust": 0.1,
"url": "https://github.com/yassineaboukir/cve-2018-0296 "
},
{
"title": "CVE-2018-0296",
"trust": 0.1,
"url": "https://github.com/irbishop/cve-2018-0296 "
},
{
"title": "CVE-2018-0296",
"trust": 0.1,
"url": "https://github.com/bhenner1/cve-2018-0296 "
},
{
"title": "CiscoIOSSNMPToolkit",
"trust": 0.1,
"url": "https://github.com/garnetsunset/ciscoiossnmptoolkit "
},
{
"title": "common-lists",
"trust": 0.1,
"url": "https://github.com/tomikoski/common-lists "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/iveresk/cve-2020-3452 "
},
{
"title": "CVE-2020-3452-Exploit",
"trust": 0.1,
"url": "https://github.com/3ndg4me/cve-2020-3452-exploit "
},
{
"title": "KB",
"trust": 0.1,
"url": "https://github.com/rudinyu/kb "
},
{
"title": "RedTeam",
"trust": 0.1,
"url": "https://github.com/slimdaddy/redteam "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULMON",
"id": "CVE-2018-0296"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "NVD",
"id": "CVE-2018-0296"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-asaftd"
},
{
"trust": 2.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-184-01"
},
{
"trust": 2.6,
"url": "https://www.exploit-db.com/exploits/44956/"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/154017/cisco-adaptive-security-appliance-path-traversal.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/104612"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1041076"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0296"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-0296"
},
{
"trust": 0.6,
"url": "https://www.exploit-db.com/exploits/47220"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-http-url-28680"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "https://github.com/yassineaboukir/cve-2018-0296"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "BID",
"id": "104612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"db": "VULHUB",
"id": "VHN-118498"
},
{
"db": "VULMON",
"id": "CVE-2018-0296"
},
{
"db": "BID",
"id": "104612"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"date": "2018-06-07T00:00:00",
"db": "VULHUB",
"id": "VHN-118498"
},
{
"date": "2018-06-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-0296"
},
{
"date": "2018-06-06T00:00:00",
"db": "BID",
"id": "104612"
},
{
"date": "2018-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"date": "2018-06-07T12:29:00.403000",
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"date": "2018-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-11320"
},
{
"date": "2020-09-04T00:00:00",
"db": "VULHUB",
"id": "VHN-118498"
},
{
"date": "2023-08-15T00:00:00",
"db": "VULMON",
"id": "CVE-2018-0296"
},
{
"date": "2018-06-06T00:00:00",
"db": "BID",
"id": "104612"
},
{
"date": "2018-08-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-006154"
},
{
"date": "2023-08-15T15:21:44.127000",
"db": "NVD",
"id": "CVE-2018-0296"
},
{
"date": "2020-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Adaptive Security Appliance and Firepower Threat Defense Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-006154"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201806-401"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.