Vulnerability CVE-2018-0296


Published: 2018-06-07

Description:
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029.

See advisories in our WLB2 database:
Topic
Author
Date
High
Cisco Adaptive Security Appliance Path Traversal (Metasploit)
13.08.2019

Type:

CWE-20

(Improper Input Validation)

Vendor: Cisco
Product: Adaptive security appliance software 
Version:
9.9(2)1
9.9(2)
9.9(1)
9.9
9.8(3)
9.8(2)8
9.8(2)28
9.8(2)26
9.8(2)24
9.8(2)20
9.8(2)17
9.8(2)14
9.8(2)
9.8(1.200)
9.8(1)
9.8(0.56)
9.8
9.7(1.4)
9.7(1)8
9.7(1)4
9.7(1)24
9.7(1)21
9.7(1)2
9.7(1)16
9.7(1)15
9.7(1)1
9.7(1)
9.7
9.6.2.7
9.6.2.3
9.6.2.2
9.6.2.1
9.6.2
9.6.1.5
9.6.1.3
9.6.1.10
9.6.1
9.6.0
9.6(4)8
9.6(4)6
9.6(4)5
9.6(4)3
9.6(4)
9.6(3.1)
9.6(3)9
9.6(3)8
9.6(3)3
9.6(3)17
9.6(3)14
9.6(3)12
9.6(3)11
9.6(2)
9.6(1)
9.6
9.5.3.7
9.5.3.6
9.5.3.3
9.5.3.2
9.5.3.1
9.5.3
9.5.2.6
9.5.2.14
9.5.2.10
9.5.2
9.5.1
9.5(1)
9.5
9.4.4
9.4.3.8
9.4.3.6
9.4.3.4
9.4.3.12
9.4.3.11
9.4.3
9.4.2.3
9.4.2
9.4.1.5
9.4.1.3
9.4.1.2
9.4.1.1
9.4.1
9.4(4.5)
9.4(4)8
9.4(4)6
9.4(4)5
9.4(4)2
9.4(4)18
9.4(4)17
9.4(4)16
9.4(4)14
9.4(4)13
9.4(4)12
9.4(4)10
9.4(3)
9.4(2.145)
9.4(2)
9.4(1.225)
9.4(1.200)
9.4(1.152)
9.4(1.1)
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://packetstormsecurity.com/files/154017/Cisco-Adaptive-Security-Appliance-Path-Traversal.html
http://www.securityfocus.com/bid/104612
http://www.securitytracker.com/id/1041076
https://ics-cert.us-cert.gov/advisories/ICSA-18-184-01
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd
https://www.exploit-db.com/exploits/44956/

Related CVE
CVE-2019-1970
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an ...
CVE-2019-1958
A vulnerability in the web-based management interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CS...
CVE-2019-1955
A vulnerability in the Sender Policy Framework (SPF) functionality of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability ...
CVE-2019-1954
A vulnerability in the web-based management interface of Cisco Webex Meetings Server Software could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the UR...
CVE-2019-1951
A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An...
CVE-2019-1949
A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affecte...
CVE-2019-1945
Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being estab...
CVE-2019-1944
Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being estab...

Copyright 2019, cxsecurity.com

 

Back to Top