CVE-2018-15454: Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability
First published: Wed Oct 31 2018(Updated: )
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance | >=9.4<9.4.4.27 | |
| Cisco Adaptive Security Appliance | >=9.6<9.6.4.18 | |
| Cisco Adaptive Security Appliance | >=9.8<9.8.3.16 | |
| Cisco Adaptive Security Appliance | >=9.9<9.9.2.32 | |
| Cisco Adaptive Security Appliance | >=9.10<9.10.1.2 | |
| Cisco Firepower Threat Defense | >=6.1.0<6.1.0.7 | |
| Cisco Firepower Threat Defense | >=6.2.0<6.2.0.6 | |
| Cisco Firepower Threat Defense | >=6.2.2<6.2.2.4 | |
| Cisco Firepower Threat Defense | >=6.2.3<6.2.3.7 | |
| Cisco Adaptive Security Appliance Software | >=9.4<9.4.4.27 | |
| Cisco Adaptive Security Appliance Software | >=9.6<9.6.4.18 | |
| Cisco Adaptive Security Appliance Software | >=9.8<9.8.3.16 | |
| Cisco Adaptive Security Appliance Software | >=9.9<9.9.2.32 | |
| Cisco Adaptive Security Appliance Software | >=9.10<9.10.1.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-15454?
CVE-2018-15454 is rated as high severity due to its potential to allow remote attackers to cause a reload or high CPU usage on affected devices.
How do I fix CVE-2018-15454?
To fix CVE-2018-15454, update your Cisco Adaptive Security Appliance or Firepower Threat Defense software to the latest recommended versions.
Which devices are affected by CVE-2018-15454?
CVE-2018-15454 affects specific versions of Cisco Adaptive Security Appliance and Firepower Threat Defense software.
Can CVE-2018-15454 be exploited remotely?
Yes, CVE-2018-15454 can be exploited by unauthenticated remote attackers.
What impact does CVE-2018-15454 have on network operations?
CVE-2018-15454 can cause affected devices to reload or experience high CPU usage, potentially disrupting network operations.
- agent/author
- agent/type
- agent/softwarecombine
- agent/references
- agent/weakness
- agent/title
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco adaptive security appliance
- version/cisco adaptive security appliance/9.4
- version/cisco adaptive security appliance/9.6
- version/cisco adaptive security appliance/9.8
- version/cisco adaptive security appliance/9.9
- version/cisco adaptive security appliance/9.10
- canonical/cisco firepower threat defense
- version/cisco firepower threat defense/6.1.0
- version/cisco firepower threat defense/6.2.0
- version/cisco firepower threat defense/6.2.2
- version/cisco firepower threat defense/6.2.3
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/9.4
- version/cisco adaptive security appliance software/9.6
- version/cisco adaptive security appliance software/9.8
- version/cisco adaptive security appliance software/9.9
- version/cisco adaptive security appliance software/9.10