A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
15 Aug 2023, 15:24
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* |
Information
Published : 2019-05-03 15:29
Updated : 2024-02-28 17:08
NVD link : CVE-2018-15388
Mitre link : CVE-2018-15388
CVE.ORG link : CVE-2018-15388
JSON object : View
Products Affected
cisco
- asa_5512-x
- asa_5580
- asa_5505
- asa_5520
- asa_5550
- asa_5585-x
- asa_5555-x
- adaptive_security_appliance_software
- firepower_threat_defense
- asa_5525-x
- asa_5545-x
- asa_5540
- asa_5510
- asa_5515-x
CWE
CWE-400
Uncontrolled Resource Consumption