CVE-2018-0472Improper Input Validation in Cisco Adaptive Security Appliance Software

CWE-20Improper Input Validation5 documents5 sources
Severity
8.6HIGHNVD
EPSS
14.9%
top 5.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Adaptive Security Appliance SoftwareCisco IOS XE
Timeline
PublishedOct 5
Latest updateMay 14

Description

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An explo

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

NVDcisco/ios_xe15.5\(3\)s5.36, 16.8.1+1

🔴Vulnerability Details

2
GHSA
GHSA-mj5q-hmjx-cx8j: A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA)2022-05-14
CVEList
Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability2018-10-05

📋Vendor Advisories

2
CISA ICS
Rockwell Automation Stratix 59502019-04-05
Cisco
Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability2018-09-26
CVE-2018-0472 — Improper Input Validation in Cisco | cvebase