CVE-2018-0228

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the ingress flow creation functionality could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect handling of an internal software lock that could prevent other system processes from getting CPU cycles, causing a high CPU condition. An attacker could exploit this vulnerability by sending a steady stream of malicious IP packets that can cause connections to be created on the targeted device. This vulnerability applies to either IPv4 or IPv6 ingress traffic.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.