Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-15397

Опубликовано: 05 окт. 2018
Источник: nvd
CVSS3: 6.8
CVSS2: 7.1
EPSS Низкий

Описание

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:secure_firewall_management_center:6.2.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.6.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.9.1\(1\):*:*:*:*:*:*:*

EPSS

Процентиль: 47%
0.00244
Низкий

6.8 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-320
NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-rhcj-jwww-2qpj

CVSS3: 6.8
github
больше 3 лет назад

A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error that may occur if the affected software renegotiates the encryption key for an IPsec tunnel when certain TFC traffic is in flight. An attacker could exploit this vulnerability by sending a malicious stream of TFC traffic through an established IPsec tunnel on an affected device. A successful exploit could allow the attacker to cause a daemon process on the affected device to crash, which could cause the device to crash and result in a DoS condition.

fstec логотип

BDU:2023-04932

CVSS3: 6.8
fstec
больше 7 лет назад

Уязвимость функции конфиденциальности потоков Traffic Flow Confidentiality (TFC) через IPsec микропрограммного обеспечения межсетевых экранов Cisco Adaptive Security Appliance (ASA) и Cisco Firepower Threat Defense (FTD), позволяющая нарушителю вызвать отказ в обслуживании или перезагрузку системы

EPSS

Процентиль: 47%
0.00244
Низкий

6.8 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-320
NVD-CWE-noinfo