CVE-2018-0281 — Cleartext Transmission of Sensitive Info in Cisco Secure Firewall Management Center

CWE-310 CWE-319 — Cleartext Transmission of Sensitive Info4 documents4 sources

Severity

5.8MEDIUMNVD

EPSS

0.4%

top 37.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Firewall Management Center

Timeline

PublishedMay 2

Latest updateMay 13

Description

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due to the incorrect handling of a Transport Layer Security (TLS) extension during TLS connection setup for the affected software. An attacker could exploit this vulnerability by sending a crafted TLS connection setup reques…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDcisco/secure_firewall_management_center5 versions+4

🔴Vulnerability Details

GHSA

GHSA-rxwv-fjmr-f6q2: A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of t↗2022-05-13

▶

CVEList

CVE-2018-0281: A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of t↗2018-05-02

▶

📋Vendor Advisories

Cisco

Cisco Firepower System Software Transport Layer Security Extensions Denial of Service Vulnerability↗2018-05-02

▶