Cisco security equipment is targeted at DoS attacks through an old vulnerability

A critical flaw that was successfully discovered and patched in mid-2018 has been reported to reappear on Cisco Adaptive Security (ASA) and Firepower devices.

A critical flaw that was successfully discovered and patched in mid-2018 was reported to reappear on Cisco Adaptive Security (ASA) and Firepower devices, enabling hackers to deploy attacks. public DoS.

Cisco has now issued a warning to customers and called for compliance with stated security recommendations to minimize risks from the vulnerability.

The aforementioned security vulnerability was tracked with the identifier CVE-2018-0296, which could be abused by remote, unauthenticated attackers, causing the device to constantly reload by sending a generated HTTP request. handmade.

In addition, an attacker could also exploit a vulnerability to gain access to sensitive information on the system without authentication. This can be achieved through path transmission techniques on the affected device.

Picture 1 of Cisco security equipment is targeted at DoS attacks through an old vulnerability

The flaw was actually patched last year, but it suddenly showed signs of coming back over the past few weeks, with the number of reported cases soaring, so serious that Cisco had to issue them. The notice recommends that ASA and Firepower users check, upgrade and update software to ensure safety.

Risk check

Administrators want to determine if the devices they manage are affected by CVE-2018-0296, run the following command:

 show asp table socket | include SSL | DTLS 

The existence of the vulnerability will be displayed according to the state of the socket. To find out the status of the vulnerability of the device, use the following command:

 show processes | include Unicorn 

This process will work for devices that are at high risk of being affected by the vulnerability.

In the above case, to accurately determine the potential risk, an administrator should check if the software version running on his device is on the list of versions affected by the error, has been specified by Cisco in this notice.

The reason you should check before deciding to update the code to a newer version is because the flaw is in the web framework of ASA / Firepower products, so not all devices are affected.

Update 24 December 2019
Category

System

Mac OS X

Hardware

Game

Tech info

Technology

Science

Life

Application

Electric

Program

Mobile