CVE-2018-0333

A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending packets through an interface on the targeted device. A successful exploit could allow the attacker to bypass configured VPN policies. Cisco Bug IDs: CSCvh49388.

CVSS v3 5.8 MEDIUM
CVSS v2.0 5.0 MEDIUM

5.8^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/104422	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-FireSIGHT-vpn-bypass	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:firepower_management_center:6.2.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-06-07 21:29

Updated : 2023-12-10 12:30

NVD link : CVE-2018-0333

Mitre link : CVE-2018-0333

CVE.ORG link : CVE-2018-0333

JSON object : View

Products Affected

cisco

firepower_management_center

CWE

CWE-693

Protection Mechanism Failure

{"id": "CVE-2018-0333", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2018-06-07T21:29:00.463", "references": [{"url": "http://www.securityfocus.com/bid/104422", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-FireSIGHT-vpn-bypass", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-693"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-693"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending packets through an interface on the targeted device. A successful exploit could allow the attacker to bypass configured VPN policies. Cisco Bug IDs: CSCvh49388."}, {"lang": "es", "value": "Una vulnerabilidad en la gesti\u00f3n de configuraci\u00f3n de VPN del software Cisco FireSIGHT System podr\u00eda permitir que un atacante remoto no autenticado omita la seguridad VPN debido a efectos secundarios no planeados de los cambios de configuraci\u00f3n din\u00e1mica que podr\u00edan permitir que un atacante omita las pol\u00edticas configuradas. La vulnerabilidad se debe a la gesti\u00f3n incorrecta de los nombres de interfaz configurados y a los par\u00e1metros VPN cuando se realizan cambios de configuraci\u00f3n din\u00e1micos en la interfaz de l\u00ednea de comandos. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes a trav\u00e9s de una interfaz al dispositivo objetivo. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante omita las pol\u00edticas VPN configuradas. Cisco Bug IDs: CSCvh49388."}], "lastModified": "2019-10-09T23:31:47.927", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:6.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99479490-9BB9-40BD-B4FB-A23D81E48631"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}