National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2018-0101

Change History

Initial Analysis - 2/28/2018 1:22:35 PM

Action Type Old Value New Value
Added CWE
CWE-415
Changed Reference Type
http://www.securityfocus.com/bid/102845 No Types Assigned
http://www.securityfocus.com/bid/102845 Third Party Advisory, VDB Entry
Changed Reference Type
https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/ No Types Assigned
https://icanthackit.wordpress.com/2018/01/30/thoughts-on-the-handling-cve-2018-0101-cisco-bug-cscvg35618/ Third Party Advisory
Added CPE Configuration
OR
     *cpe:2.3:a:cisco:firepower_threat_defense:6.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:firepower_threat_defense:6.0.1:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:firepower_threat_defense:6.1.0:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:firepower_threat_defense:6.2.0:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*
     *cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*
Changed Reference Type
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 No Types Assigned
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 Vendor Advisory
Added CVSS V3
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Changed Reference Type
http://www.securitytracker.com/id/1040292 No Types Assigned
http://www.securitytracker.com/id/1040292 Third Party Advisory, VDB Entry
Changed Reference Type
https://www.exploit-db.com/exploits/43986/ No Types Assigned
https://www.exploit-db.com/exploits/43986/ Exploit, Third Party Advisory, VDB Entry
Added CPE Configuration
OR
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions up to (excluding) 9.1.7.23
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions from (including) 9.2.0 up to (excluding) 9.2.4.27
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions from (including) 9.3.0 up to (excluding) 9.4.4.16
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions from (including) 9.5.0 up to (excluding) 9.6.4.3
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions from (including) 9.7.0 up to (excluding) 9.7.1.21
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions from (including) 9.8.0 up to (excluding) 9.8.2.20
     *cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* versions from (including) 9.9.0 up to (excluding) 9.9.1.2
Added CVSS V2
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Changed Reference Type
https://pastebin.com/YrBcG2Ln No Types Assigned
https://pastebin.com/YrBcG2Ln Exploit, Third Party Advisory