Vulnerability Details : CVE-2018-0333
A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending packets through an interface on the targeted device. A successful exploit could allow the attacker to bypass configured VPN policies. Cisco Bug IDs: CSCvh49388.
Products affected by CVE-2018-0333
- cpe:2.3:a:cisco:firepower_management_center:6.2.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-0333
0.10%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 40 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-0333
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
5.8
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |
3.9
|
1.4
|
NIST |
CWE ids for CVE-2018-0333
-
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.Assigned by:
- nvd@nist.gov (Primary)
- ykramarz@cisco.com (Secondary)
References for CVE-2018-0333
-
http://www.securityfocus.com/bid/104422
Cisco FireSIGHT System Software CVE-2018-0333 Remote Security Bypass VulnerabilityThird Party Advisory;VDB Entry
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-FireSIGHT-vpn-bypass
Cisco FireSIGHT System VPN Policy Bypass VulnerabilityVendor Advisory
Jump to