Vulnerability CVE-2018-15390

Vulnerability Name:

CVE-2018-15390 (CCN-150786)

Assigned:

2018-10-03

Published:

2018-10-03

Updated:

2020-08-31

Summary:

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

CVSS v3 Severity:

6.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H)
5.9 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

8.6 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
7.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-667

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2018-15390

Source: BID
Type: Third Party Advisory, VDB Entry
105519

Source: CCN
Type: BID-105519
Cisco Firepower Threat Defense CVE-2018-15390 Denial of Service Vulnerability

Source: XF
Type: UNKNOWN
cisco-cve201815390-dos(150786)

Source: CCN
Type: Cisco Security Advisory cisco-sa-20181003-ftd-inspect-dos
Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

Source: CISCO
Type: Vendor Advisory
20181003 Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* (Version >= 6.2.3.0 and <= 6.2.3.4)

Configuration CCN 1:

cpe:/a:cisco:firepower_threat_defense_software:6.0.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK