Vulnerability-Lookup

CVE-2018-0421 (GCVE-0-2018-0421)

Vulnerability from cvelistv5 – Published: 2018-10-05 14:00 – Updated: 2024-11-26 14:45

Title

Cisco Prime Access Registrar Denial of Service Vulnerability

Summary

A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.

Severity ?

No CVSS data available.

CWE

CWE-399

Assigner

cisco

References

URL

Tags

	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1041684	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/105282	vdb-entryx_refsource_BID

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Prime Access Registrar	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20180905 Cisco Prime Access Registrar Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
          },
          {
            "name": "1041684",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041684"
          },
          {
            "name": "105282",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105282"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0421",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:53:31.351699Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:45:57.288Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Prime Access Registrar",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20180905 Cisco Prime Access Registrar Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
        },
        {
          "name": "1041684",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041684"
        },
        {
          "name": "105282",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105282"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20180905-cpar-dos",
        "defect": [
          [
            "CSCvk08672"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco Prime Access Registrar Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-09-05T16:00:00-0500",
          "ID": "CVE-2018-0421",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Prime Access Registrar Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Prime Access Registrar",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20180905 Cisco Prime Access Registrar Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
            },
            {
              "name": "1041684",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041684"
            },
            {
              "name": "105282",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105282"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20180905-cpar-dos",
          "defect": [
            [
              "CSCvk08672"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0421",
    "datePublished": "2018-10-05T14:00:00.000Z",
    "dateReserved": "2017-11-27T00:00:00.000Z",
    "dateUpdated": "2024-11-26T14:45:57.288Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos\", \"name\": \"20180905 Cisco Prime Access Registrar Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1041684\", \"name\": \"1041684\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/105282\", \"name\": \"105282\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T03:21:15.674Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-0421\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-25T18:53:31.351699Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-25T18:54:33.832Z\"}}], \"cna\": {\"title\": \"Cisco Prime Access Registrar Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"CSCvk08672\"]], \"advisory\": \"cisco-sa-20180905-cpar-dos\", \"discovery\": \"UNKNOWN\"}, \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Prime Access Registrar\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2018-09-05T00:00:00.000Z\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos\", \"name\": \"20180905 Cisco Prime Access Registrar Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"http://www.securitytracker.com/id/1041684\", \"name\": \"1041684\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/105282\", \"name\": \"105282\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-399\", \"description\": \"CWE-399\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2018-10-07T09:57:02.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"8.6\"}}, \"source\": {\"defect\": [[\"CSCvk08672\"]], \"advisory\": \"cisco-sa-20180905-cpar-dos\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco Prime Access Registrar\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos\", \"name\": \"20180905 Cisco Prime Access Registrar Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}, {\"url\": \"http://www.securitytracker.com/id/1041684\", \"name\": \"1041684\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/105282\", \"name\": \"105282\", \"refsource\": \"BID\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-399\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2018-0421\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco Prime Access Registrar Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2018-09-05T16:00:00-0500\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2018-0421\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-26T14:45:57.288Z\", \"dateReserved\": \"2017-11-27T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2018-10-05T14:00:00.000Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2018-AVI-423

Vulnerability from certfr_avis - Published: 2018-09-06 - Updated: 2018-09-06

De multiples vulnérabilités ont été découvertes dans les produits Cisco . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Webex Meetings Suite (WBS33) versions antérieures à WBS33.4
Cisco	N/A	Cisco Umbrella Roaming Module versions antérieures à 4.6.1098
Cisco	N/A	Cisco Webex Teams versions antérieures à 20180417-150803
Cisco	N/A	Cisco Prime Access Registrar Software versions antérieures à 7.3.0.4
Cisco	N/A	vSmart Controller Software avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	Cisco Webex Meetings versions antérieures à 1.3.37 (disponible à partir du 14 septembre 2018)
Cisco	N/A	Cisco Prime Access Registrar Software versions 8.0.x antérieures à 8.0.1.1
Cisco	N/A	vEdge 2000 Series Routers avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	vBond Orchestrator Software avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	Cisco Integrated Management Controller (IMC) versions 3.1.x antérieures à 3.1(3a)
Cisco	N/A	vManage Network Management System avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	Cisco Umbrella Enterprise Roaming Client (ERC) versions antérieures à 2.1.127
Cisco	N/A	vEdge Cloud Router Platform avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	Cisco Integrated Management Controller (IMC) versions 2.x et 3.0.x antérieures à 3.0(4d)
Cisco	N/A	Cisco Data Center Network Manager versions antérieures à 11.0(1)
Cisco	N/A	vEdge 1000 Series Routers avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	Cisco Webex Meetings Server versions antérieures à 3.0MR2
Cisco	N/A	Cisco RV130W Wireless-N Multifunction VPN Router versions antérieures à 1.0.3.44
Cisco	N/A	vEdge 5000 Series Routers avec Cisco SD-WAN Solution versions antérieures à 18.3.0
Cisco	N/A	Cisco Umbrella API
Cisco	N/A	Cisco Webex Meetings Suite versions antérieures à WBS32.15.20
Cisco	N/A	vEdge 100 Series Routers avec Cisco SD-WAN Solution versions antérieures à 18.3.0

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20180905-sd-wan-escalation du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-sd-wan-validation du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-rv-routers-injection du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-umbrella-file-read du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-cdcnm-escalation du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-cpar-dos du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-rv-routers-traversal du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-rv-routers-disclosure du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-cimc-injection du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-sd-wan-injection du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-umbrella-priv du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-webex-id-mod du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-umbrella-api du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-webex-pe du 05 septembre 2018	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20180905-rv-routers-overflow du 05 septembre 2018	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Webex Meetings Suite (WBS33) versions ant\u00e9rieures \u00e0 WBS33.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Umbrella Roaming Module versions ant\u00e9rieures \u00e0 4.6.1098",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Teams versions ant\u00e9rieures \u00e0 20180417-150803",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Prime Access Registrar Software versions ant\u00e9rieures \u00e0 7.3.0.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vSmart Controller Software avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings versions ant\u00e9rieures \u00e0 1.3.37 (disponible \u00e0 partir du 14 septembre 2018)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Prime Access Registrar Software versions 8.0.x ant\u00e9rieures \u00e0 8.0.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vEdge 2000 Series Routers avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vBond Orchestrator Software avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Integrated Management Controller (IMC) versions 3.1.x ant\u00e9rieures \u00e0 3.1(3a)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vManage Network Management System avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Umbrella Enterprise Roaming Client (ERC) versions ant\u00e9rieures \u00e0 2.1.127",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vEdge Cloud Router Platform avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Integrated Management Controller (IMC) versions 2.x et 3.0.x ant\u00e9rieures \u00e0 3.0(4d)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Data Center Network Manager versions ant\u00e9rieures \u00e0 11.0(1)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vEdge 1000 Series Routers avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings Server versions ant\u00e9rieures \u00e0 3.0MR2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco RV130W Wireless-N Multifunction VPN Router versions ant\u00e9rieures \u00e0 1.0.3.44",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vEdge 5000 Series Routers avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Umbrella API",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings Suite versions ant\u00e9rieures \u00e0 WBS32.15.20",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "vEdge 100 Series Routers avec Cisco SD-WAN Solution versions ant\u00e9rieures \u00e0 18.3.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0434"
    },
    {
      "name": "CVE-2018-0438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0438"
    },
    {
      "name": "CVE-2018-0433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0433"
    },
    {
      "name": "CVE-2018-0436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0436"
    },
    {
      "name": "CVE-2018-0426",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0426"
    },
    {
      "name": "CVE-2018-0425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0425"
    },
    {
      "name": "CVE-2018-0437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0437"
    },
    {
      "name": "CVE-2018-0423",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0423"
    },
    {
      "name": "CVE-2018-0424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0424"
    },
    {
      "name": "CVE-2018-0421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0421"
    },
    {
      "name": "CVE-2018-0435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0435"
    },
    {
      "name": "CVE-2018-0430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0430"
    },
    {
      "name": "CVE-2018-0422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0422"
    },
    {
      "name": "CVE-2018-0431",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0431"
    },
    {
      "name": "CVE-2018-0432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0432"
    },
    {
      "name": "CVE-2018-0440",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-0440"
    }
  ],
  "initial_release_date": "2018-09-06T00:00:00",
  "last_revision_date": "2018-09-06T00:00:00",
  "links": [],
  "reference": "CERTFR-2018-AVI-423",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2018-09-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-sd-wan-escalation du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-escalation"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-sd-wan-validation du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-validation"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-rv-routers-injection du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-rv-routers-injection"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-umbrella-file-read du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-umbrella-file-read"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-cdcnm-escalation du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cdcnm-escalation"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-cpar-dos du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-rv-routers-traversal du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-rv-routers-traversal"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-rv-routers-disclosure du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-rv-routers-disclosure"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-cimc-injection du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cimc-injection"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-sd-wan-injection du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-sd-wan-injection"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-umbrella-priv du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-umbrella-priv"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-webex-id-mod du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-id-mod"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-umbrella-api du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-umbrella-api"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-webex-pe du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-pe"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20180905-rv-routers-overflow du 05 septembre 2018",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-rv-routers-overflow"
    }
  ]
}

GHSA-3VP8-X92W-R8QP

Vulnerability from github – Published: 2022-05-13 01:35 – Updated: 2022-05-13 01:35

Details

Severity ?

8.6 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-0421"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-10-05T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.",
  "id": "GHSA-3vp8-x92w-r8qp",
  "modified": "2022-05-13T01:35:11Z",
  "published": "2022-05-13T01:35:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-0421"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105282"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1041684"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2018-18787

Vulnerability from cnvd - Published: 2018-09-14

Title

Cisco Prime Access Registrar拒绝服务漏洞

Description

Cisco Prime Access Registrar和Prime Access Registrar Jumpstar都是访问注册器。 Cisco Prime Access Registrar和Cisco Prime Access Registrar Jumpstart 7.3.0.4之前版本和8.0.1.1版本，TCP连接管理存在资源管理错误漏洞，该漏洞源于对监听端口的TCP SYN输入数据包处理错误。远程攻击者可通过向程序发送一连串特制的TCP SYN数据包利用该漏洞造成拒绝服务（应用程序意外重启）。

Severity

高

Patch Name

Cisco Prime Access Registrar拒绝服务漏洞的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos

Reference

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0421

Impacted products

Name
Cisco Prime Access Registrar < 8.0.1.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0421"
    }
  },
  "description": "Cisco Prime Access Registrar\u548cPrime Access Registrar Jumpstar\u90fd\u662f\u8bbf\u95ee\u6ce8\u518c\u5668\u3002\r\n\r\nCisco Prime Access Registrar\u548cCisco Prime Access Registrar Jumpstart 7.3.0.4\u4e4b\u524d\u7248\u672c\u548c8.0.1.1\u7248\u672c\uff0cTCP\u8fde\u63a5\u7ba1\u7406\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u76d1\u542c\u7aef\u53e3\u7684TCP SYN\u8f93\u5165\u6570\u636e\u5305\u5904\u7406\u9519\u8bef\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u7a0b\u5e8f\u53d1\u9001\u4e00\u8fde\u4e32\u7279\u5236\u7684TCP SYN\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5e94\u7528\u7a0b\u5e8f\u610f\u5916\u91cd\u542f\uff09\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-18787",
  "openTime": "2018-09-14",
  "patchDescription": "Cisco Prime Access Registrar\u548cPrime Access Registrar Jumpstar\u90fd\u662f\u8bbf\u95ee\u6ce8\u518c\u5668\u3002\r\n\r\nCisco Prime Access Registrar\u548cCisco Prime Access Registrar Jumpstart 7.3.0.4\u4e4b\u524d\u7248\u672c\u548c8.0.1.1\u7248\u672c\uff0cTCP\u8fde\u63a5\u7ba1\u7406\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u76d1\u542c\u7aef\u53e3\u7684TCP SYN\u8f93\u5165\u6570\u636e\u5305\u5904\u7406\u9519\u8bef\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u7a0b\u5e8f\u53d1\u9001\u4e00\u8fde\u4e32\u7279\u5236\u7684TCP SYN\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5e94\u7528\u7a0b\u5e8f\u610f\u5916\u91cd\u542f\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Prime Access Registrar\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Prime Access Registrar \u003c 8.0.1.1"
  },
  "referenceLink": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0421",
  "serverity": "\u9ad8",
  "submitTime": "2018-09-10",
  "title": "Cisco Prime Access Registrar\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

GSD-2018-0421

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-0421

Aliases

CVE-2018-0421

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-0421",
    "description": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.",
    "id": "GSD-2018-0421"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-0421"
      ],
      "details": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained.",
      "id": "GSD-2018-0421",
      "modified": "2023-12-13T01:22:24.646375Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2018-09-05T16:00:00-0500",
        "ID": "CVE-2018-0421",
        "STATE": "PUBLIC",
        "TITLE": "Cisco Prime Access Registrar Denial of Service Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Prime Access Registrar ",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained."
          }
        ]
      },
      "impact": {
        "cvss": {
          "baseScore": "8.6",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-399"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20180905 Cisco Prime Access Registrar Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
          },
          {
            "name": "1041684",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1041684"
          },
          {
            "name": "105282",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105282"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-20180905-cpar-dos",
        "defect": [
          [
            "CSCvk08672"
          ]
        ],
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.1.1",
                "versionStartIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_access_registrar_jumpstart:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.0.1.1",
                "versionStartIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_access_registrar_jumpstart:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.3.0.4",
                "versionStartIncluding": "7.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.3.0.4",
                "versionStartIncluding": "7.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0421"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-772"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20180905 Cisco Prime Access Registrar Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
            },
            {
              "name": "1041684",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1041684"
            },
            {
              "name": "105282",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105282"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2019-10-09T23:32Z",
      "publishedDate": "2018-10-05T14:29Z"
    }
  }
}

FKIE_CVE-2018-0421

Vulnerability from fkie_nvd - Published: 2018-10-05 14:29 - Updated: 2024-11-21 03:38

Severity ?

8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://www.securityfocus.com/bid/105282	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1041684	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105282	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1041684	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	prime_access_registrar	*
cisco	prime_access_registrar	*
cisco	prime_access_registrar_jumpstart	*
cisco	prime_access_registrar_jumpstart	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D49A-3EB8-4DFF-9712-E7CBE2DD72E3",
              "versionEndExcluding": "7.3.0.4",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_access_registrar:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99D7CAE-733C-484D-AB98-7C89B8759ABD",
              "versionEndExcluding": "8.0.1.1",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_access_registrar_jumpstart:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD29882-1851-4D2C-9B4E-0870DEED4F5C",
              "versionEndExcluding": "7.3.0.4",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:prime_access_registrar_jumpstart:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D64A87E-B624-4B3E-BEA8-458D10656C5C",
              "versionEndExcluding": "8.0.1.1",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in TCP connection management in Cisco Prime Access Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the application unexpectedly restarts. The vulnerability is due to incorrect handling of incoming TCP SYN packets to specific listening ports. The improper handling of the TCP SYN packets could cause a system file description to be allocated and not freed. An attacker could exploit this vulnerability by sending a crafted stream of TCP SYN packets to the application. A successful exploit could allow the attacker to cause the application to eventually restart if a file description cannot be obtained."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la administraci\u00f3n de las conexiones TCP en Cisco Prime Access Registrar podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) cuando la aplicaci\u00f3n se reinicia de manera inesperada. Esta vulnerabilidad se debe al manejo incorrecto de los paquetes TCP SYN en puertos de escucha espec\u00edficos. El manejo incorrecto de los paquetes TCP SYN podr\u00eda provocar que se asigne y no se libere una descripci\u00f3n de un archivo del sistema. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un flujo manipulado de paquetes TCP SYN a la aplicaci\u00f3n. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante provoque que la aplicaci\u00f3n acabe por reiniciarse si no se puede obtener una descripci\u00f3n de archivo."
    }
  ],
  "id": "CVE-2018-0421",
  "lastModified": "2024-11-21T03:38:11.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:00.623",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105282"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041684"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041684"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-cpar-dos"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-772"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-0421 (GCVE-0-2018-0421)

CERTFR-2018-AVI-423

Solution

GHSA-3VP8-X92W-R8QP

CNVD-2018-18787

GSD-2018-0421

FKIE_CVE-2018-0421

Tags

Sightings

Nomenclature