CVE-2018-0230 : A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cis

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software improperly validating IP Version 4 (IPv4) and IP Version 6 (IPv6) packets after the software reassembles the packets (following IP Fragmentation). An attacker could exploit this vulnerability by sending a series of malicious, fragmented IPv4 or IPv6 packets to an affected device. A successful exploit could allow the attacker to cause Snort processes on the affected device to hang at 100% CPU utilization, which could cause the device to stop processing traffic and result in a DoS condition until the device is reloaded manually. This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.1 and 6.2.2, if the software is running on a Cisco Firepower 2100 Series Security Appliance. Cisco Bug IDs: CSCvf91098.

Published 2018-04-19 20:29:00

Updated 2023-08-15 15:21:44

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2018-0230

Probability of exploitation activity in the next 30 days: 0.13%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 47 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2018-0230

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
8.6	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H	3.9	4.0	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Changed Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2018-0230

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.
Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)

References for CVE-2018-0230

http://www.securityfocus.com/bid/103931

Cisco Firepower Threat Defense Software CVE-2018-0230 Denial of Service Vulnerability
Third Party Advisory;VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100

Cisco Firepower 2100 Series Security Appliances IP Fragmentation Denial of Service Vulnerability
Vendor Advisory

Products affected by CVE-2018-0230

Cisco » Adaptive Security Appliance Software » Version: 9.8(2)
cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Threat Defense » Version: 6.2.2
cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*
Matching versions
Cisco » Firepower Threat Defense » Version: 6.2.1
cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2018-0230

Exploit prediction scoring system (EPSS) score for CVE-2018-0230

CVSS scores for CVE-2018-0230

CWE ids for CVE-2018-0230

References for CVE-2018-0230

Products affected by CVE-2018-0230