CVE-2018-0240
8.6
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 4.0
Source: NVD
Description
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| From 9.6.0.0 to 9.6.4.6 | |
| From 6.1.0 to 6.1.0.7 |
| Running on/with | Platform Versions |
|---|---|
Cisco 7604 | All versions |
Cisco 7606 S | All versions |
Cisco 7609 S | All versions |
Cisco 7613 S | All versions |
Cisco Adaptive Security Virtual Appliance | All versions |
Cisco Asa 5505 | All versions |
Cisco Asa 5506 X | All versions |
Cisco Asa 5506h X | All versions |
Cisco Asa 5512 X | All versions |
Cisco Asa 5515 X | All versions |
Cisco Asa 5520 | All versions |
Cisco Asa 5540 | All versions |
Cisco Asa 5545 X | All versions |
Cisco Asa 5555 X | All versions |
Cisco Asa 5585 X | All versions |
Cisco Asa 5506 X | All versions |
Cisco Asa 5506w X | All versions |
Cisco Asa 5508 X | All versions |
Cisco Asa 5510 | All versions |
Cisco Asa 5516 X | All versions |
Cisco Asa 5525 X | All versions |
Cisco Asa 5550 | All versions |
Cisco Asa 5555 X | All versions |
Cisco Asa 5580 | All versions |
Cisco Catalyst 6500 E | All versions |
Cisco Catalyst 6503 E | All versions |
Cisco Catalyst 6504 E | All versions |
Cisco Catalyst 6506 E | All versions |
Cisco Catalyst 6509 E | All versions |
Cisco Catalyst 6509 Neb A | All versions |
Cisco Catalyst 6509 V E | All versions |
Cisco Catalyst 6513 | All versions |
Cisco Catalyst 6513 E | All versions |
Cisco Firepower 2110 | All versions |
Cisco Firepower 2120 | All versions |
Cisco Firepower 2130 | All versions |
Cisco Firepower 2140 | All versions |
Cisco Firepower 4110 | All versions |
Cisco Firepower 4120 | All versions |
Cisco Firepower 4140 | All versions |
Cisco Firepower 4150 | All versions |
Cisco Firepower 9300 | All versions |
Cisco Firepower Threat Defense Virtual | All versions |
Cisco Isa 3000 2c2f | All versions |
Cisco Isa 3000 4c | All versions |
Related CWEs
References (8)
Source: psirt@cisco.com
Broken LinkThird Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryUS Government Resource
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.