CVE-2018-0240 (CNNVD-201804-1102)
中文标题:
多款Cisco产品Adaptive Security Appliance和Firepower Threat Defense Software 资源管理错误漏洞
英文标题:
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Secu...
漏洞描述
中文描述:
Cisco 3000 Series Industrial Security Appliances(ISR)等都是美国思科(Cisco)公司的安全防火墙设备。Adaptive Security Appliance(ASA)和Firepower Threat Defense(FTD)Software都是使用在Cisco不同安全设备中的防火墙软件。 多款Cisco产品中的ASA和FTD Software的Application Layer Protocol Inspection功能存在资源管理错误漏洞,该漏洞源于程序存在逻辑错误。远程攻击者可通过发送大量恶意的流量利用该漏洞造成拒绝服务(死锁和重新加载)。以下产品受到影响:Cisco 3000 Series Industrial Security Appliance (ISA);ASA 5500 Series Adaptive Security Appliances;ASA 5500-X Series Next-Generation Firewalls;ASA Services Module for Cisco Catalyst 6500 Series Switches和Cisco 7600 Series Routers;Adaptive Security Virtual Appliance (ASAv);Firepower 2100 Series Security Appliance;Firepower 4100 Series Security Appliance;Firepower 9300 ASA Security Module;FTD Virtual (FTDv);Adaptive Security Appliance Software 9.6版本,9.7版本,9.8版本,9.9版本;Firepower Threat Defense Software 6.1.0版本,6.2.0版本,6.2.1版本,6.2.2版本。
英文描述:
Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerabilities are due to logical errors during traffic inspection. An attacker could exploit these vulnerabilities by sending a high volume of malicious traffic across an affected device. An exploit could allow the attacker to cause a deadlock condition, resulting in a reload of an affected device. These vulnerabilities affect Cisco ASA Software and Cisco FTD Software configured for Application Layer Protocol Inspection running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCve61540, CSCvh23085, CSCvh95456.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| cisco | firepower_threat_defense | * | - | - |
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance_software | * | - | - |
cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
CVSS评分详情
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2018-0240 |
2025-11-11 15:19:35 | 2025-11-11 07:34:56 |
| NVD | nvd_CVE-2018-0240 |
2025-11-11 14:55:54 | 2025-11-11 07:43:33 |
| CNNVD | cnnvd_CNNVD-201804-1102 |
2025-11-11 15:10:00 | 2025-11-11 07:53:39 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 资源管理错误
- cnnvd_id: 未提取 -> CNNVD-201804-1102
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 8.6
- cvss_vector: NOT_EXTRACTED -> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- cvss_version: NOT_EXTRACTED -> 3.1
- affected_products_count: 0 -> 2
- data_sources: ['cve'] -> ['cve', 'nvd']