Vulnerability-Lookup

CVE-2018-0410 (GCVE-0-2018-0410)

Vulnerability from cvelistv5 – Published: 2018-08-15 20:00 – Updated: 2024-11-26 14:48

Summary

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.

Severity ?

No CVSS data available.

CWE

CWE-400

Assigner

cisco

References

URL

Tags

	http://www.securityfocus.com/bid/105098	vdb-entryx_refsource_BID
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1041535	vdb-entryx_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	Cisco Systems, Inc.	AsyncOS Software for Cisco Web Security Appliances	Affected: unspecified

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105098",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105098"
          },
          {
            "name": "20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
          },
          {
            "name": "1041535",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041535"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0410",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:53:35.949892Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:48:03.996Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AsyncOS Software for Cisco Web Security Appliances",
          "vendor": "Cisco Systems, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "datePublic": "2018-08-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-29T09:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "105098",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105098"
        },
        {
          "name": "20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
        },
        {
          "name": "1041535",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041535"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-08-15T00:00:00",
          "ID": "CVE-2018-0410",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AsyncOS Software for Cisco Web Security Appliances",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "unspecified"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco Systems, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105098",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105098"
            },
            {
              "name": "20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
            },
            {
              "name": "1041535",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041535"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0410",
    "datePublished": "2018-08-15T20:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2024-11-26T14:48:03.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/105098\", \"name\": \"105098\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos\", \"name\": \"20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1041535\", \"name\": \"1041535\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T03:21:15.605Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-0410\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-25T18:53:35.949892Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-25T18:54:39.144Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Cisco Systems, Inc.\", \"product\": \"AsyncOS Software for Cisco Web Security Appliances\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\"}]}], \"datePublic\": \"2018-08-15T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/105098\", \"name\": \"105098\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos\", \"name\": \"20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"http://www.securitytracker.com/id/1041535\", \"name\": \"1041535\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2018-08-29T09:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"unspecified\"}]}, \"product_name\": \"AsyncOS Software for Cisco Web Security Appliances\"}]}, \"vendor_name\": \"Cisco Systems, Inc.\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/105098\", \"name\": \"105098\", \"refsource\": \"BID\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos\", \"name\": \"20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}, {\"url\": \"http://www.securitytracker.com/id/1041535\", \"name\": \"1041535\", \"refsource\": \"SECTRACK\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-400\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-0410\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2018-08-15T00:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-0410\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-26T14:48:03.996Z\", \"dateReserved\": \"2017-11-27T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2018-08-15T20:00:00.000Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-7VX9-5H56-F698

Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35

Details

Severity ?

8.6 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-0410"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-15T20:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.",
  "id": "GHSA-7vx9-5h56-f698",
  "modified": "2022-05-13T01:35:13Z",
  "published": "2022-05-13T01:35:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0410"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105098"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041535"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2018-15418

Vulnerability from cnvd - Published: 2018-08-16

Title

Cisco Web Security Appliance Web Proxy内存耗尽拒绝服务漏洞

Description

Cisco Web Security Appliance（WSA）是美国思科（Cisco）公司的一套Web安全设备。该设备提供基于SaaS的访问控制、实时网络报告和追踪、制定安全策略等功能。 Cisco Web Security Appliance Web Proxy存在内存耗尽拒绝服务漏洞，该漏洞源于受影响的软件未能正确管理与目标设备的TCP连接的内存资源。攻击者可以通过IPv4或IPv6建立与受影响设备的数据接口的大量TCP连接来利用此漏洞。成功利用可能允许攻击者耗尽系统内存，可能导致系统停止处理新连接并导致DoS条件。

Severity

中

Patch Name

Cisco Web Security Appliance Web Proxy内存耗尽拒绝服务漏洞的补丁

Patch Description

Formal description

思科发布了解决此漏洞的软件更新，用户可联系供应商获得更新信息： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos

Impacted products

Name
['Cisco AsyncOS Software(for Cisco Web Security Appliances) 9.1', 'Cisco AsyncOS Software(for Cisco Web Security Appliances) 10.1', 'Cisco AsyncOS Software(for Cisco Web Security Appliances) 10.5', 'Cisco AsyncOS Software(for Cisco Web Security Appliances) 11.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0410"
    }
  },
  "description": "Cisco Web Security Appliance\uff08WSA\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957Web\u5b89\u5168\u8bbe\u5907\u3002\u8be5\u8bbe\u5907\u63d0\u4f9b\u57fa\u4e8eSaaS\u7684\u8bbf\u95ee\u63a7\u5236\u3001\u5b9e\u65f6\u7f51\u7edc\u62a5\u544a\u548c\u8ffd\u8e2a\u3001\u5236\u5b9a\u5b89\u5168\u7b56\u7565\u7b49\u529f\u80fd\u3002\r\n\r\nCisco Web Security Appliance Web Proxy\u5b58\u5728\u5185\u5b58\u8017\u5c3d\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u672a\u80fd\u6b63\u786e\u7ba1\u7406\u4e0e\u76ee\u6807\u8bbe\u5907\u7684TCP\u8fde\u63a5\u7684\u5185\u5b58\u8d44\u6e90\u3002 \u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7IPv4\u6216IPv6\u5efa\u7acb\u4e0e\u53d7\u5f71\u54cd\u8bbe\u5907\u7684\u6570\u636e\u63a5\u53e3\u7684\u5927\u91cfTCP\u8fde\u63a5\u6765\u5229\u7528\u6b64\u6f0f\u6d1e\u3002 \u6210\u529f\u5229\u7528\u53ef\u80fd\u5141\u8bb8\u653b\u51fb\u8005\u8017\u5c3d\u7cfb\u7edf\u5185\u5b58\uff0c\u53ef\u80fd\u5bfc\u81f4\u7cfb\u7edf\u505c\u6b62\u5904\u7406\u65b0\u8fde\u63a5\u5e76\u5bfc\u81f4DoS\u6761\u4ef6\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u601d\u79d1\u53d1\u5e03\u4e86\u89e3\u51b3\u6b64\u6f0f\u6d1e\u7684\u8f6f\u4ef6\u66f4\u65b0\uff0c\u7528\u6237\u53ef\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u66f4\u65b0\u4fe1\u606f\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-15418",
  "openTime": "2018-08-16",
  "patchDescription": "Cisco Web Security Appliance\uff08WSA\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957Web\u5b89\u5168\u8bbe\u5907\u3002\u8be5\u8bbe\u5907\u63d0\u4f9b\u57fa\u4e8eSaaS\u7684\u8bbf\u95ee\u63a7\u5236\u3001\u5b9e\u65f6\u7f51\u7edc\u62a5\u544a\u548c\u8ffd\u8e2a\u3001\u5236\u5b9a\u5b89\u5168\u7b56\u7565\u7b49\u529f\u80fd\u3002\r\n\r\nCisco Web Security Appliance Web Proxy\u5b58\u5728\u5185\u5b58\u8017\u5c3d\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u53d7\u5f71\u54cd\u7684\u8f6f\u4ef6\u672a\u80fd\u6b63\u786e\u7ba1\u7406\u4e0e\u76ee\u6807\u8bbe\u5907\u7684TCP\u8fde\u63a5\u7684\u5185\u5b58\u8d44\u6e90\u3002 \u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7IPv4\u6216IPv6\u5efa\u7acb\u4e0e\u53d7\u5f71\u54cd\u8bbe\u5907\u7684\u6570\u636e\u63a5\u53e3\u7684\u5927\u91cfTCP\u8fde\u63a5\u6765\u5229\u7528\u6b64\u6f0f\u6d1e\u3002 \u6210\u529f\u5229\u7528\u53ef\u80fd\u5141\u8bb8\u653b\u51fb\u8005\u8017\u5c3d\u7cfb\u7edf\u5185\u5b58\uff0c\u53ef\u80fd\u5bfc\u81f4\u7cfb\u7edf\u505c\u6b62\u5904\u7406\u65b0\u8fde\u63a5\u5e76\u5bfc\u81f4DoS\u6761\u4ef6\u3002 \u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Web Security Appliance Web Proxy\u5185\u5b58\u8017\u5c3d\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco AsyncOS Software(for Cisco Web Security Appliances) 9.1",
      "Cisco AsyncOS Software(for Cisco Web Security Appliances) 10.1",
      "Cisco AsyncOS Software(for Cisco Web Security Appliances) 10.5",
      "Cisco AsyncOS Software(for Cisco Web Security Appliances) 11.0"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos",
  "serverity": "\u4e2d",
  "submitTime": "2018-08-16",
  "title": "Cisco Web Security Appliance Web Proxy\u5185\u5b58\u8017\u5c3d\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

GSD-2018-0410

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-0410

Aliases

CVE-2018-0410

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-0410",
    "description": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.",
    "id": "GSD-2018-0410"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-0410"
      ],
      "details": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610.",
      "id": "GSD-2018-0410",
      "modified": "2023-12-13T01:22:24.642113Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2018-08-15T00:00:00",
        "ID": "CVE-2018-0410",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "AsyncOS Software for Cisco Web Security Appliances",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "unspecified"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco Systems, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-400"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "105098",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105098"
          },
          {
            "name": "20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
          },
          {
            "name": "1041535",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041535"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:10.5.2-042:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:11.0.0-641:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.1-074:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-010:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-235:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:10.5.1-296:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-022:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:10.5.1-270:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-039:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0410"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20180815 Cisco Web Security Appliance Web Proxy Memory Exhaustion Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
            },
            {
              "name": "105098",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105098"
            },
            {
              "name": "1041535",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041535"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2019-10-09T23:32Z",
      "publishedDate": "2018-08-15T20:29Z"
    }
  }
}

FKIE_CVE-2018-0410

Vulnerability from fkie_nvd - Published: 2018-08-15 20:29 - Updated: 2024-11-21 03:38

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/105098	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1041535	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105098	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041535	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	web_security_appliance	9.1.1-074
cisco	web_security_appliance	9.1.2-010
cisco	web_security_appliance	9.1.2-022
cisco	web_security_appliance	9.1.2-039
cisco	web_security_appliance	10.1.0-204
cisco	web_security_appliance	10.1.1-235
cisco	web_security_appliance	10.5.1-270
cisco	web_security_appliance	10.5.1-296
cisco	web_security_appliance	10.5.2-042
cisco	web_security_appliance	11.0.0-641

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.1-074:*:*:*:*:*:*:*",
              "matchCriteriaId": "35F4D6C1-3493-400B-AAE8-E2C00AE53BE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-010:*:*:*:*:*:*:*",
              "matchCriteriaId": "A74AFB73-5414-49C8-8209-9392E5406806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-022:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A56C459-EC60-43EC-A534-114909CCC369",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.2-039:*:*:*:*:*:*:*",
              "matchCriteriaId": "A59C67DF-D4A9-4B3E-98E2-A95604F75952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC71F9F5-B0BA-4415-A4C8-9D0B15732A54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-235:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA9660A-C242-4080-9B38-A819A3BBCF70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.1-270:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2F79DB-DA5F-47E1-9FE1-EF9114004BB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.1-296:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC67BB76-C4E8-4AC2-B5F5-4FB36336273D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.2-042:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E7DC30-5299-46A8-A82A-7DFB2E6608AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_appliance:11.0.0-641:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B430E9-EBFF-4B90-9844-D9758FA626D1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. The vulnerability exists because the affected software improperly manages memory resources for TCP connections to a targeted device. An attacker could exploit this vulnerability by establishing a high number of TCP connections to the data interface of an affected device via IPv4 or IPv6. A successful exploit could allow the attacker to exhaust system memory, which could cause the system to stop processing new connections and result in a DoS condition. System recovery may require manual intervention. Cisco Bug IDs: CSCvf36610."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de proxy web de Cisco AsyncOS Software para Cisco Web Security Appliances podr\u00eda permitir que un atacante remoto no autenticado agote la memoria del sistema y provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad existe debido a que el software afectado gestiona de forma incorrecta los recursos de memoria para las conexiones TCP en un dispositivo objetivo. Un atacante podr\u00eda explotar esta vulnerabilidad estableciendo un alto n\u00famero de conexiones TCP en la interfaz de datos de un dispositivo afectado mediante IPv4 o IPv6. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante agote la memoria del sistema, lo que podr\u00eda provocar que el sistema deje de procesar nuevas conexiones y desemboque en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La recuperaci\u00f3n del sistema podr\u00eda requerir la intervenci\u00f3n manual. Cisco Bug IDs: CSCvf36610."
    }
  ],
  "id": "CVE-2018-0410",
  "lastModified": "2024-11-21T03:38:10.247",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-08-15T20:29:00.657",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105098"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041535"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105098"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-wsa-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2018-AVI-393

Vulnerability from certfr_avis - Published: 2018-08-16 - Updated: 2018-08-16

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco AsyncOS versions 9.1, 10.1, 10.5 et 11.0 pour Cisco Web Security Appliances
Cisco	Unified Communications	Cisco TelePresence Video Communication Server (VCS) et Expressway avec le mode Unified Communications défini à Mobile and Remote Access
Cisco	Unified Communications Manager	Cisco Unified Communications Manager IM & Presence Service

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-0410 (GCVE-0-2018-0410)

GHSA-7VX9-5H56-F698

CNVD-2018-15418

GSD-2018-0410

FKIE_CVE-2018-0410

CERTFR-2018-AVI-393

Solution

Tags

Sightings

Nomenclature