{"containers": {"cna": {"affected": [{"product": "Cisco FireSIGHT System Software", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-10-03T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. It is also possible that a manual reload of the device may be required to clear the condition. The vulnerability is due to incorrect SMB header validation. An attacker could exploit this vulnerability by sending a custom SMB file transfer through the targeted device. A successful exploit could cause the device to consume an excessive amount of system memory and prevent the SNORT process from forwarding network traffic. This vulnerability can be exploited using either IPv4 or IPv6 in combination with SMBv2 or SMBv3 network traffic."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-19", "description": "CWE-19", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-10-05T13:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20181003 Cisco Firepower System Software Detection Engine Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort"}], "source": {"advisory": "cisco-sa-20181003-fp-smb-snort", "defect": [["CSCvg28189"]], "discovery": "UNKNOWN"}, "title": "Cisco Firepower System Software Detection Engine Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2018-10-03T16:00:00-0500", "ID": "CVE-2018-0455", "STATE": "PUBLIC", "TITLE": "Cisco Firepower System Software Detection Engine Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco FireSIGHT System Software", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. It is also possible that a manual reload of the device may be required to clear the condition. The vulnerability is due to incorrect SMB header validation. An attacker could exploit this vulnerability by sending a custom SMB file transfer through the targeted device. A successful exploit could cause the device to consume an excessive amount of system memory and prevent the SNORT process from forwarding network traffic. This vulnerability can be exploited using either IPv4 or IPv6 in combination with SMBv2 or SMBv3 network traffic."}]}, "impact": {"cvss": {"baseScore": "8.6", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-19"}]}]}, "references": {"reference_data": [{"name": "20181003 Cisco Firepower System Software Detection Engine Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort"}]}, "source": {"advisory": "cisco-sa-20181003-fp-smb-snort", "defect": [["CSCvg28189"]], "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:28:10.726Z"}, "title": "CVE Program Container", "references": [{"name": "20181003 Cisco Firepower System Software Detection Engine Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0455", "datePublished": "2018-10-05T14:00:00Z", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-09-16T17:44:06.813Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A504C162-765A-492B-8C64-215852EA8009", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "9DBD0BFC-5D6C-4B24-927E-AA5252A95413", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C21E1138-657A-43FA-80E6-1D59AF047106", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C01DE3FF-0209-420E-9810-A1ABBE41569F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C81C427-4CB8-42C9-9D13-7A8CC461415A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2EEC695C-5F64-47F4-8A0A-BB0D609ABCEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BAC97940-1192-4997-A354-9AA5791A5E22", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_system_software:6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "ED1C2EF2-A080-4D26-AC62-B5E482E1F513", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic. It is also possible that a manual reload of the device may be required to clear the condition. The vulnerability is due to incorrect SMB header validation. An attacker could exploit this vulnerability by sending a custom SMB file transfer through the targeted device. A successful exploit could cause the device to consume an excessive amount of system memory and prevent the SNORT process from forwarding network traffic. This vulnerability can be exploited using either IPv4 or IPv6 in combination with SMBv2 or SMBv3 network traffic."}, {"lang": "es", "value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Server Message Block Version 2 (SMBv2) y Version 3 (SMBv3) para Cisco Firepower System Software podr\u00eda permitir que un atacante remoto no autenticado haga que el dispositivo se quede sin memoria en el sistema, lo que posiblemente impida que el dispositivo reenv\u00ede el tr\u00e1fico. Tambi\u00e9n es posible que se requiera un reinicio manual del dispositivo para eliminar la condici\u00f3n. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de las cabeceras SMB. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de transferencia de archivos SMB personalizada al dispositivo objetivo. Su explotaci\u00f3n con \u00e9xito podr\u00eda provocar que el dispositivo consuma una cantidad excesiva de memoria del sistema y evite que el proceso SNORT redirija tr\u00e1fico de red. Esta vulnerabilidad se puede explotar usando IPV4 o IPv6 en combinaci\u00f3n con tr\u00e1fico de red SMBv2 o SMBv3."}], "id": "CVE-2018-0455", "lastModified": "2019-10-09T23:32:07.397", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-05T14:29:03.560", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-19"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}