Cisco Adaptive Security Appliance

Reference:
Advisory #2018-04

Version:
2.0

Affected software:
Cisco Adaptive Security Appliance (ASA) Software

Type:
Denial-of-Service (DoS) and remote code execution (Administrator/Root)

CVE/CVSS:
CVE-2018-0101

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1

https://gist.github.com/fox-srt/09401dfdfc15652b22956b9cc59f71cb

https://blogs.cisco.com/security/cve-2018-0101

​

Risks

Description

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.

The vulnerability is due to an attempt to free a region of the memory for a second time when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system.

After further investigation, Cisco has identified additional attack vectors and features that are affected by this vulnerability. In addition, it was also found that the original fix was incomplete so new fixed code versions are now available. Check the fixed software section here:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1#fixed

Recommended Actions

References