CVE-2018-15399

{"id": "CVE-2018-15399", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.2}]}, "published": "2018-10-05T14:29:08.327", "references": [{"url": "http://www.securitytracker.com/id/1041785", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-syslog-dos", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing boundary check in an internal function. An attacker could exploit this vulnerability by establishing a man-in-the-middle position between an affected device and its configured TCP syslog server and then maliciously modifying the TCP header in segments that are sent from the syslog server to the affected device. A successful exploit could allow the attacker to exhaust buffer on the affected device and cause all TCP-based features to stop functioning, resulting in a DoS condition. The affected TCP-based features include AnyConnect SSL VPN, clientless SSL VPN, and management connections such as Secure Shell (SSH), Telnet, and HTTPS."}, {"lang": "es", "value": "Una vulnerabilidad en el m\u00f3dulo TCP syslog de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software podr\u00edan permitir que un atacante remoto no autenticado agote los b\u00fafers de 1550 bytes en un dispositivo afectado, lo que resulta en una denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a una falta de comprobaci\u00f3n de l\u00edmites en una funci\u00f3n interna. Un atacante podr\u00eda explotar esta vulnerabilidad estableciendo una posici\u00f3n Man-in-the-Middle (MitM) entre un dispositivo afectado y su servidor syslog TCP configurado y, despu\u00e9s, modificando la cabecera TCP en los segmentos que se env\u00edan desde el servidor syslog al dispositivo afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante agote el b\u00fafer del dispositivo afectado y haga que todas las funcionalidades basadas en TCP dejen de funcionar, lo que resulta en una denegaci\u00f3n de servicio (DoS). Las funcionalidades basadas en TCP incluyen AnyConnect SSL VPN y SSL VPN sin cliente, as\u00ed como las conexiones de gesti\u00f3n como Secure Shell (SSH), Telnet y HTTPS."}], "lastModified": "2023-08-15T15:21:44.127", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4\\(4\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34B82BEF-0046-4095-9D8F-7D67518659E9"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EA6DC7B-87E1-4331-A199-B5013F113D6E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1DC52A8B-7DF4-47B2-9F49-627F59656E5E"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}