Rewterz Threat Advisory – CVE-2018-0472 Multiple Cisco Products Denial Of Service Vulnerability

Friday, April 5, 2019

Severity

High

Analysis Summary

CVE-2018-0472

The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.

Impact

  • Denial of service
  • Device Reload

Affected Vendors

Cisco

Affected Products

  • Cisco IOS XE Software 0
  • Cisco Firepower Threat Defense Software (FTD) 6.2.3
  • Cisco Firepower Threat Defense Software (FTD) 6.2.2
  • Cisco Firepower Threat Defense Software (FTD) 6.2.1
  • Cisco Firepower Threat Defense Software (FTD) 6.2
  • Cisco ASR 1000 Series Routers 0
  • Cisco Adaptive Security Appliance (ASA) Software 9.9
  • Cisco Adaptive Security Appliance (ASA) Software 9.8
  • Cisco Adaptive Security Appliance (ASA) Software 9.7
  • Cisco Adaptive Security Appliance (ASA) Software 9.6
  • Cisco Adaptive Security Appliance (ASA) Software 9.5
  • Cisco Adaptive Security Appliance (ASA) Software 9.4
  • Cisco Adaptive Security Appliance (ASA) Software 9.3
  • Cisco Adaptive Security Appliance (ASA) 5500-X Series 0
  • Cisco 4000 Series 0

Remediation

Currently there are no workarounds available yet.

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 22, August 2019 Rewterz Threat Advisory – CVE-2019-15295 – BitDefender Antivirus Free 2020 – Privilege Escalation to SYSTEM
  • 22, August 2019 Rewterz Threat Alert – Banks All over the World Attacked by Silence Advanced Hackers
  • 22, August 2019 Rewterz Threat Alert – Adwind Bypasses Microsoft ATP to Attack Utilities Industry
  • 21, August 2019 Rewterz Threat Advisory – Multiple vulnerabilities fixed in VLC media player

Copyright © Rewterz. All rights reserved.