Rewterz Threat Advisory – CVE-2018-0472 Multiple Cisco Products Denial Of Service Vulnerability

Friday, April 5, 2019

Severity

High

Analysis Summary

CVE-2018-0472

The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.

Impact

  • Denial of service
  • Device Reload

Affected Vendors

Cisco

Affected Products

  • Cisco IOS XE Software 0
  • Cisco Firepower Threat Defense Software (FTD) 6.2.3
  • Cisco Firepower Threat Defense Software (FTD) 6.2.2
  • Cisco Firepower Threat Defense Software (FTD) 6.2.1
  • Cisco Firepower Threat Defense Software (FTD) 6.2
  • Cisco ASR 1000 Series Routers 0
  • Cisco Adaptive Security Appliance (ASA) Software 9.9
  • Cisco Adaptive Security Appliance (ASA) Software 9.8
  • Cisco Adaptive Security Appliance (ASA) Software 9.7
  • Cisco Adaptive Security Appliance (ASA) Software 9.6
  • Cisco Adaptive Security Appliance (ASA) Software 9.5
  • Cisco Adaptive Security Appliance (ASA) Software 9.4
  • Cisco Adaptive Security Appliance (ASA) Software 9.3
  • Cisco Adaptive Security Appliance (ASA) 5500-X Series 0
  • Cisco 4000 Series 0

Remediation

Currently there are no workarounds available yet.

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 2, May 2019 Rewterz Threat Advisory – CVE-2019-2725 – WebLogic Server Vulnerability
  • 11, April 2019 Rewterz threat Advisory – Microsoft Internet Explorer Multiple Vulnerabilities
  • 11, April 2019 Rewterz Threat Advisory – Microsoft SharePoint Multiple Products Multiple Script Insertion Vulnerabilities
  • 11, April 2019 Rewterz Threat Advisory – Microsoft Exchange Server OWA Multiple Spoofing Vulnerabilities

Copyright © Rewterz. All rights reserved.