CVE-2018-0455 (CNNVD-201810-177)
中文标题:
Cisco Firepower System Software 安全漏洞
英文标题:
Cisco Firepower System Software Detection Engine Denial of Service Vulnerability
漏洞描述
中文描述:
Cisco Adaptive Security Appliance(ASA)5500-X Series with FirePOWER Services等都是美国思科(Cisco)公司的安全设备。Firepower System Software是使用在其中的一套防火墙操作系统。 Cisco Firepower System Software中的Server Message Block 2版本(SMBv2)和3版本(SMBv3)协议的实现存在拒绝服务漏洞,该漏洞源于程序没有正确的验证SMB包头。远程攻击者可利用该漏洞消耗大量的系统内存并阻止SNORT进程发送网络流量。以下产品受到影响:Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services;Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls;Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances;Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances;Firepower 2100 Series Security Appliances;Firepower 4100 Series Security Appliances;FirePOWER 7000 Series Appliances;FirePOWER 8000 Series Appliances;Firepower 9300 Series Security Appliances;FirePOWER Threat Defense for Integrated Services Routers (ISRs);Firepower Threat Defense Virtual;Industrial Ethernet 3000 Series Switches;Next-Generation Intrusion Prevention System (NGIPSv);Virtual Next-Generation Intrusion Prevention System (NGIPSv)。
英文描述:
A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. It is also possible that a manual reload of the device may be required to clear the condition. The vulnerability is due to incorrect SMB header validation. An attacker could exploit this vulnerability by sending a custom SMB file transfer through the targeted device. A successful exploit could cause the device to consume an excessive amount of system memory and prevent the SNORT process from forwarding network traffic. This vulnerability can be exploited using either IPv4 or IPv6 in combination with SMBv2 or SMBv3 network traffic.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Cisco | Cisco FireSIGHT System Software | n/a | - | - |
cpe:2.3:a:cisco:cisco_firesight_system_software:n_a:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.0 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.0:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.0.1 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.0.1:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.1.0 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.1.0:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.2.0 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.2.0:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.2.0.2 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.2.0.2:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.2.1 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.2.1:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.2.2 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.2.2:*:*:*:*:*:*:*
|
| cisco | firepower_system_software | 6.2.3 | - | - |
cpe:2.3:a:cisco:firepower_system_software:6.2.3:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
CVSS评分详情
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2018-0455 |
2025-11-11 15:19:35 | 2025-11-11 07:34:57 |
| NVD | nvd_CVE-2018-0455 |
2025-11-11 14:55:59 | 2025-11-11 07:43:33 |
| CNNVD | cnnvd_CNNVD-201810-177 |
2025-11-11 15:10:05 | 2025-11-11 07:54:04 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 授权问题
- cnnvd_id: 未提取 -> CNNVD-201810-177
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.HIGH
- cvss_score: 未提取 -> 7.5
- cvss_vector: NOT_EXTRACTED -> CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- cvss_version: NOT_EXTRACTED -> 3.0
- affected_products_count: 1 -> 9
- data_sources: ['cve'] -> ['cve', 'nvd']