
exploitDog


BDU:2019-00054

Published: 26 Sep 2018
Source: fstec
CVSS3: 8.6
CVSS2: 7.8
EPSS Medium

Description

A vulnerability in the IPsec driver of the Cisco IOS XE operating system and the Cisco Adaptive Security Appliance firewall software is caused by errors in processing IPsec Authentication Header (AH) packets or Encapsulating Security Payload (ESP) packets. Exploitation of the vulnerability could allow a remote attacker to cause the device to reload.

Vendor

Cisco Systems Inc.

Software name

Cisco IOS XE
Adaptive Security Appliance

Software version

3.10.8as (Cisco IOS XE)
3.10.8s (Cisco IOS XE)
3.12.0s (Cisco IOS XE)
3.12.1s (Cisco IOS XE)
3.12.2s (Cisco IOS XE)
3.12.3s (Cisco IOS XE)
3.12.4s (Cisco IOS XE)
3.13.1s (Cisco IOS XE)
3.13.2s (Cisco IOS XE)
3.13.4s (Cisco IOS XE)
3.13.5s (Cisco IOS XE)
3.14.0s (Cisco IOS XE)
3.14.1s (Cisco IOS XE)
3.14.2s (Cisco IOS XE)
3.14.3s (Cisco IOS XE)
3.14.4s (Cisco IOS XE)
3.15.0s (Cisco IOS XE)
3.15.1s (Cisco IOS XE)
3.15.2s (Cisco IOS XE)
3.15.3s (Cisco IOS XE)
3.16.0s (Cisco IOS XE)
3.16.1as (Cisco IOS XE)
3.16.2s (Cisco IOS XE)
3.17.0s (Cisco IOS XE)
3.17.1s (Cisco IOS XE)
16.5.1 (Cisco IOS XE)
16.1.1 (Cisco IOS XE)
16.1.2 (Cisco IOS XE)
16.1.3 (Cisco IOS XE)
3.2.0JA (Cisco IOS XE)
16.3.1a (Cisco IOS XE)
16.5.1a (Cisco IOS XE)
16.2.1 (Cisco IOS XE)
16.2.2 (Cisco IOS XE)
16.3.1 (Cisco IOS XE)
16.3.2 (Cisco IOS XE)
16.3.3 (Cisco IOS XE)
16.3.4 (Cisco IOS XE)
16.3.5 (Cisco IOS XE)
16.3.5b (Cisco IOS XE)
16.4.1 (Cisco IOS XE)
16.6.1 (Cisco IOS XE)
16.7.1b (Cisco IOS XE)
16.4.3 (Cisco IOS XE)
9.3 (Adaptive Security Appliance)
3.4.0S (Cisco IOS XE)
3.4.1S (Cisco IOS XE)
3.4.2S (Cisco IOS XE)
3.4.3S (Cisco IOS XE)
3.4.4S (Cisco IOS XE)
3.4.5S (Cisco IOS XE)
3.4.6S (Cisco IOS XE)
3.4.0aS (Cisco IOS XE)
3.4.7S (Cisco IOS XE)
3.5.0S (Cisco IOS XE)
3.5.1S (Cisco IOS XE)
3.5.2S (Cisco IOS XE)
3.6.0S (Cisco IOS XE)
3.6.1S (Cisco IOS XE)
3.6.2S (Cisco IOS XE)
3.7.0S (Cisco IOS XE)
3.7.1S (Cisco IOS XE)
3.7.2S (Cisco IOS XE)
3.7.3S (Cisco IOS XE)
3.7.4S (Cisco IOS XE)
3.7.5S (Cisco IOS XE)
3.7.6S (Cisco IOS XE)
3.7.7S (Cisco IOS XE)
3.7.8S (Cisco IOS XE)
3.7.4aS (Cisco IOS XE)
3.7.2tS (Cisco IOS XE)
3.7.0bS (Cisco IOS XE)
3.8.0S (Cisco IOS XE)
3.8.1S (Cisco IOS XE)
3.8.2S (Cisco IOS XE)
3.9.1S (Cisco IOS XE)
3.9.0S (Cisco IOS XE)
3.9.2S (Cisco IOS XE)
3.9.1aS (Cisco IOS XE)
3.9.0aS (Cisco IOS XE)
3.10.0S (Cisco IOS XE)
3.10.1S (Cisco IOS XE)
3.10.2S (Cisco IOS XE)
3.10.3S (Cisco IOS XE)
3.10.4S (Cisco IOS XE)
3.10.5S (Cisco IOS XE)
3.10.6S (Cisco IOS XE)
3.10.2aS (Cisco IOS XE)
3.10.2tS (Cisco IOS XE)
3.10.7S (Cisco IOS XE)
3.10.9S (Cisco IOS XE)
3.10.10S (Cisco IOS XE)
3.11.1S (Cisco IOS XE)
3.11.2S (Cisco IOS XE)
3.11.0S (Cisco IOS XE)
3.11.3S (Cisco IOS XE)
3.11.4S (Cisco IOS XE)
3.12.0aS (Cisco IOS XE)
3.13.0S (Cisco IOS XE)
3.13.3S (Cisco IOS XE)
3.13.2aS (Cisco IOS XE)
3.13.5aS (Cisco IOS XE)
3.13.6S (Cisco IOS XE)
3.13.7S (Cisco IOS XE)
3.13.6aS (Cisco IOS XE)
3.13.6bS (Cisco IOS XE)
3.13.7aS (Cisco IOS XE)
3.13.8S (Cisco IOS XE)
3.13.9S (Cisco IOS XE)
3.15.1cS (Cisco IOS XE)
3.15.4S (Cisco IOS XE)
3.16.1S (Cisco IOS XE)
3.16.0bS (Cisco IOS XE)
3.16.0cS (Cisco IOS XE)
3.16.3S (Cisco IOS XE)
3.16.2bS (Cisco IOS XE)
3.16.4aS (Cisco IOS XE)
3.16.4bS (Cisco IOS XE)
3.16.4gS (Cisco IOS XE)
3.16.5S (Cisco IOS XE)
3.16.4cS (Cisco IOS XE)
3.16.4dS (Cisco IOS XE)
3.16.4eS (Cisco IOS XE)
3.16.6S (Cisco IOS XE)
3.16.5aS (Cisco IOS XE)
3.16.5bS (Cisco IOS XE)
3.16.7S (Cisco IOS XE)
3.16.6bS (Cisco IOS XE)
3.16.7aS (Cisco IOS XE)
3.16.7bS (Cisco IOS XE)
3.17.2S (Cisco IOS XE)
3.17.1aS (Cisco IOS XE)
3.17.3S (Cisco IOS XE)
3.17.4S (Cisco IOS XE)
16.3.6 (Cisco IOS XE)
16.4.2 (Cisco IOS XE)
16.5.1b (Cisco IOS XE)
16.5.2 (Cisco IOS XE)
16.5.3 (Cisco IOS XE)
3.18.6SP (Cisco IOS XE)
16.6.2 (Cisco IOS XE)
16.6.3 (Cisco IOS XE)
16.7.1 (Cisco IOS XE)
16.7.1a (Cisco IOS XE)
16.8.1 (Cisco IOS XE)
16.8.1s (Cisco IOS XE)
16.9.1b (Cisco IOS XE)
before 9.9.2.2 (Adaptive Security Appliance)
before 9.8.2.26 (Adaptive Security Appliance)
before 9.6.4.8 (Adaptive Security Appliance)
before 9.4.4.18 (Adaptive Security Appliance)

Software type

Operating system
Software of a network hardware and software appliance

Operating systems and hardware platforms

Cisco Systems Inc. Cisco IOS XE 3.10.8as
Cisco Systems Inc. Cisco IOS XE 3.10.8s
Cisco Systems Inc. Cisco IOS XE 3.12.0s
Cisco Systems Inc. Cisco IOS XE 3.12.1s
Cisco Systems Inc. Cisco IOS XE 3.12.2s
Cisco Systems Inc. Cisco IOS XE 3.12.3s
Cisco Systems Inc. Cisco IOS XE 3.12.4s
Cisco Systems Inc. Cisco IOS XE 3.13.1s
Cisco Systems Inc. Cisco IOS XE 3.13.2s
Cisco Systems Inc. Cisco IOS XE 3.13.4s
Cisco Systems Inc. Cisco IOS XE 3.13.5s
Cisco Systems Inc. Cisco IOS XE 3.14.0s
Cisco Systems Inc. Cisco IOS XE 3.14.1s
Cisco Systems Inc. Cisco IOS XE 3.14.2s
Cisco Systems Inc. Cisco IOS XE 3.14.3s
Cisco Systems Inc. Cisco IOS XE 3.14.4s
Cisco Systems Inc. Cisco IOS XE 3.15.0s
Cisco Systems Inc. Cisco IOS XE 3.15.1s
Cisco Systems Inc. Cisco IOS XE 3.15.2s
Cisco Systems Inc. Cisco IOS XE 3.15.3s
Cisco Systems Inc. Cisco IOS XE 3.16.0s
Cisco Systems Inc. Cisco IOS XE 3.16.1as
Cisco Systems Inc. Cisco IOS XE 3.16.2s
Cisco Systems Inc. Cisco IOS XE 3.17.0s
Cisco Systems Inc. Cisco IOS XE 3.17.1s
Cisco Systems Inc. Cisco IOS XE 16.5.1
Cisco Systems Inc. Cisco IOS XE 16.1.1
Cisco Systems Inc. Cisco IOS XE 16.1.2
Cisco Systems Inc. Cisco IOS XE 16.1.3
Cisco Systems Inc. Cisco IOS XE 3.2.0JA
Cisco Systems Inc. Cisco IOS XE 16.3.1a
Cisco Systems Inc. Cisco IOS XE 16.5.1a
Cisco Systems Inc. Cisco IOS XE 16.2.1
Cisco Systems Inc. Cisco IOS XE 16.2.2
Cisco Systems Inc. Cisco IOS XE 16.3.1
Cisco Systems Inc. Cisco IOS XE 16.3.2
Cisco Systems Inc. Cisco IOS XE 16.3.3
Cisco Systems Inc. Cisco IOS XE 16.3.4
Cisco Systems Inc. Cisco IOS XE 16.3.5
Cisco Systems Inc. Cisco IOS XE 16.3.5b
Cisco Systems Inc. Cisco IOS XE 16.4.1
Cisco Systems Inc. Cisco IOS XE 16.6.1
Cisco Systems Inc. Cisco IOS XE 16.7.1b
Cisco Systems Inc. Cisco IOS XE 16.4.3
Cisco Systems Inc. Cisco IOS XE 3.4.0S
Cisco Systems Inc. Cisco IOS XE 3.4.1S
Cisco Systems Inc. Cisco IOS XE 3.4.2S
Cisco Systems Inc. Cisco IOS XE 3.4.3S
Cisco Systems Inc. Cisco IOS XE 3.4.4S
Cisco Systems Inc. Cisco IOS XE 3.4.5S
Cisco Systems Inc. Cisco IOS XE 3.4.6S
Cisco Systems Inc. Cisco IOS XE 3.4.0aS
Cisco Systems Inc. Cisco IOS XE 3.4.7S
Cisco Systems Inc. Cisco IOS XE 3.5.0S
Cisco Systems Inc. Cisco IOS XE 3.5.1S
Cisco Systems Inc. Cisco IOS XE 3.5.2S
Cisco Systems Inc. Cisco IOS XE 3.6.0S
Cisco Systems Inc. Cisco IOS XE 3.6.1S
Cisco Systems Inc. Cisco IOS XE 3.6.2S
Cisco Systems Inc. Cisco IOS XE 3.7.0S
Cisco Systems Inc. Cisco IOS XE 3.7.1S
Cisco Systems Inc. Cisco IOS XE 3.7.2S
Cisco Systems Inc. Cisco IOS XE 3.7.3S
Cisco Systems Inc. Cisco IOS XE 3.7.4S
Cisco Systems Inc. Cisco IOS XE 3.7.5S
Cisco Systems Inc. Cisco IOS XE 3.7.6S
Cisco Systems Inc. Cisco IOS XE 3.7.7S
Cisco Systems Inc. Cisco IOS XE 3.7.8S
Cisco Systems Inc. Cisco IOS XE 3.7.4aS
Cisco Systems Inc. Cisco IOS XE 3.7.2tS
Cisco Systems Inc. Cisco IOS XE 3.7.0bS
Cisco Systems Inc. Cisco IOS XE 3.8.0S
Cisco Systems Inc. Cisco IOS XE 3.8.1S
Cisco Systems Inc. Cisco IOS XE 3.8.2S
Cisco Systems Inc. Cisco IOS XE 3.9.1S
Cisco Systems Inc. Cisco IOS XE 3.9.0S
Cisco Systems Inc. Cisco IOS XE 3.9.2S
Cisco Systems Inc. Cisco IOS XE 3.9.1aS
Cisco Systems Inc. Cisco IOS XE 3.9.0aS
Cisco Systems Inc. Cisco IOS XE 3.10.0S
Cisco Systems Inc. Cisco IOS XE 3.10.1S
Cisco Systems Inc. Cisco IOS XE 3.10.2S
Cisco Systems Inc. Cisco IOS XE 3.10.3S
Cisco Systems Inc. Cisco IOS XE 3.10.4S
Cisco Systems Inc. Cisco IOS XE 3.10.5S
Cisco Systems Inc. Cisco IOS XE 3.10.6S
Cisco Systems Inc. Cisco IOS XE 3.10.2aS
Cisco Systems Inc. Cisco IOS XE 3.10.2tS
Cisco Systems Inc. Cisco IOS XE 3.10.7S
Cisco Systems Inc. Cisco IOS XE 3.10.9S
Cisco Systems Inc. Cisco IOS XE 3.10.10S
Cisco Systems Inc. Cisco IOS XE 3.11.1S
Cisco Systems Inc. Cisco IOS XE 3.11.2S
Cisco Systems Inc. Cisco IOS XE 3.11.0S
Cisco Systems Inc. Cisco IOS XE 3.11.3S
Cisco Systems Inc. Cisco IOS XE 3.11.4S
Cisco Systems Inc. Cisco IOS XE 3.12.0aS
Cisco Systems Inc. Cisco IOS XE 3.13.0S
Cisco Systems Inc. Cisco IOS XE 3.13.3S
Cisco Systems Inc. Cisco IOS XE 3.13.2aS
Cisco Systems Inc. Cisco IOS XE 3.13.5aS
Cisco Systems Inc. Cisco IOS XE 3.13.6S
Cisco Systems Inc. Cisco IOS XE 3.13.7S
Cisco Systems Inc. Cisco IOS XE 3.13.6aS
Cisco Systems Inc. Cisco IOS XE 3.13.6bS
Cisco Systems Inc. Cisco IOS XE 3.13.7aS
Cisco Systems Inc. Cisco IOS XE 3.13.8S
Cisco Systems Inc. Cisco IOS XE 3.13.9S
Cisco Systems Inc. Cisco IOS XE 3.15.1cS
Cisco Systems Inc. Cisco IOS XE 3.15.4S
Cisco Systems Inc. Cisco IOS XE 3.16.1S
Cisco Systems Inc. Cisco IOS XE 3.16.0bS
Cisco Systems Inc. Cisco IOS XE 3.16.0cS
Cisco Systems Inc. Cisco IOS XE 3.16.3S
Cisco Systems Inc. Cisco IOS XE 3.16.2bS
Cisco Systems Inc. Cisco IOS XE 3.16.4aS
Cisco Systems Inc. Cisco IOS XE 3.16.4bS
Cisco Systems Inc. Cisco IOS XE 3.16.4gS
Cisco Systems Inc. Cisco IOS XE 3.16.5S
Cisco Systems Inc. Cisco IOS XE 3.16.4cS
Cisco Systems Inc. Cisco IOS XE 3.16.4dS
Cisco Systems Inc. Cisco IOS XE 3.16.4eS
Cisco Systems Inc. Cisco IOS XE 3.16.6S
Cisco Systems Inc. Cisco IOS XE 3.16.5aS
Cisco Systems Inc. Cisco IOS XE 3.16.5bS
Cisco Systems Inc. Cisco IOS XE 3.16.7S
Cisco Systems Inc. Cisco IOS XE 3.16.6bS
Cisco Systems Inc. Cisco IOS XE 3.16.7aS
Cisco Systems Inc. Cisco IOS XE 3.16.7bS
Cisco Systems Inc. Cisco IOS XE 3.17.2S
Cisco Systems Inc. Cisco IOS XE 3.17.1aS
Cisco Systems Inc. Cisco IOS XE 3.17.3S
Cisco Systems Inc. Cisco IOS XE 3.17.4S
Cisco Systems Inc. Cisco IOS XE 16.3.6
Cisco Systems Inc. Cisco IOS XE 16.4.2
Cisco Systems Inc. Cisco IOS XE 16.5.1b
Cisco Systems Inc. Cisco IOS XE 16.5.2
Cisco Systems Inc. Cisco IOS XE 16.5.3
Cisco Systems Inc. Cisco IOS XE 3.18.6SP
Cisco Systems Inc. Cisco IOS XE 16.6.2
Cisco Systems Inc. Cisco IOS XE 16.6.3
Cisco Systems Inc. Cisco IOS XE 16.7.1
Cisco Systems Inc. Cisco IOS XE 16.7.1a
Cisco Systems Inc. Cisco IOS XE 16.8.1
Cisco Systems Inc. Cisco IOS XE 16.8.1s
Cisco Systems Inc. Cisco IOS XE 16.9.1b

Vulnerability severity

High severity (CVSS 2.0 base score is 7.8)
High severity (CVSS 3.0 base score is 8.6)

Possible remediation measures

Update the software to a later version

Vulnerability status

Confirmed by the vendor

Exploit availability

Information is being clarified

Remediation information

Vulnerability fixed

Identifiers in other vulnerability description systems

EPSS

Percentile: 94%
0.14922
Medium

8.6 High

CVSS3

7.8 High

CVSS2

Related vulnerabilities

CVSS3: 8.6
nvd
more than 7 years ago

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.

CVSS3: 8.6
github
more than 3 years ago

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.
