Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-0101

Опубликовано: 29 янв. 2018
Источник: nvd
CVSS3: 10
CVSS2: 10
EPSS Критический

Описание

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Clo

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия до 9.1.7.23 (исключая)
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия от 9.2.0 (включая) до 9.2.4.27 (исключая)
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия от 9.3.0 (включая) до 9.4.4.16 (исключая)
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия от 9.5.0 (включая) до 9.6.4.3 (исключая)
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия от 9.7.0 (включая) до 9.7.1.21 (исключая)
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия от 9.8.0 (включая) до 9.8.2.20 (исключая)
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
Версия от 9.9.0 (включая) до 9.9.1.2 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.92693
Критический

10 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-415
CWE-415

Связанные уязвимости

github логотип

GHSA-gxj8-6mjh-32m2

CVSS3: 10
github
больше 3 лет назад

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V ...

fstec логотип

BDU:2018-00188

CVSS3: 10
fstec
около 8 лет назад

Уязвимость функции VPN Secure Sockets Layer (SSL) микропрограммного обеспечения межсетевых экранов Cisco Adaptive Security Appliance (ASA), позволяющая нарушителю выполнить произвольный код и получить полный контроль над системой

EPSS

Процентиль: 100%
0.92693
Критический

10 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-415
CWE-415