What is the Cisco Adaptive Security Appliance Web application denial of service vulnerability?

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article explains what the Cisco Adaptive Security Appliance Web application denial of service vulnerability is.

0x00 vulnerability description

360-CERT has detected that a security researcher recently released attack code for Cisco products. It affects some Cisco ASA devices and software and may cause a denial of service or the disclosure of some sensitive information. The vulnerability number is CVE-2018-0296. Cisco recommends that affected users evaluate and upgrade as soon as possible.

According to Cisco's description:

The vulnerability is located in the Web service interface of Cisco ASA devices and software. It allows attackers to launch attacks remotely without logging in, which could lead to a denial of service or the disclosure of sensitive information on affected devices.

The main cause of the vulnerability is that the Web service interface does not sufficiently validate HTTP input, so an attacker can trigger the vulnerability by constructing an HTTP request.

The relevant attack code has now been released. It may cause a DoS or leak the current directory and all files and active sessions under "+CSCOE+". 360-CERT recommends that affected users evaluate and update as soon as possible.

0x01 vulnerability impact surface

The threat level of this vulnerability is rated Important, and it is recommended to evaluate and update.

Affected device models

3000 Series Industrial Security Appliance (ISA)

ASA 1000V Cloud Firewall

ASA 5500 Series Adaptive Security Appliances

ASA 5500-X Series Next-Generation Firewalls

ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers

Adaptive Security Virtual Appliance (ASAv)

Firepower 2100 Series Security Appliance

Firepower 4100 Series Security Appliance

Firepower 9300 ASA Security Module

FTD Virtual (FTDv)

Potentially affected software

0x02 repair scheme

It is recommended to log in to the Cisco advisory and update accordingly: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd
