Cisco : PSIRT Notice About Public Exploitation of the Cisco ASA Web Services Denial of Service Vulnerability
June 22, 2018 at 02:43 pm EDT
Share
PSIRT is aware of public exploitation of the Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability identified by Cisco bug ID CSCvi16029 and CVE ID CVE-2018-0296. This vulnerability was disclosed on the 6th of June 2018.
This vulnerability could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. Only a denial of service condition (device reload) has been observed by Cisco.
Note: This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software.
Cisco strongly recommends that customers upgrade to a fixed software release to remediate this issue.
Please refer to the security advisory to obtain detailed information about affected and fixed releases, as well as how to determine if your device is impacted by this vulnerability.
Tags:
Attachments
Original document
Permalink
Disclaimer
Cisco Systems Inc. published this content on 22 June 2018 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 22 June 2018 18:42:03 UTC
Cisco Systems, Inc. is the world leader in designing, developing, and marketing Internet network equipment. Net sales break down by family of products and services as follows:
- network equipment (68.9%); switches and routers, technological software and systems (storage, Internet access, and security systems, wiring, gateways, connection interfaces and modules, etc.), etc.;
- services (24.3%): technical assistance, network design, execution, and integration services, etc.;
- security products (6.8%).
Net sales are distributed geographically as follows: Americas (58.7%), Europe/Middle East/Africa (26.6%) and Asia/Pacific (14.7%).