CVE-2018-15388

HIGH

Cisco ASA <9.4.4.34, >=9.5 <9.6.4.25 & FTD <6.2.3.12 - DoS via WebVPN Login

Title source: llm

Description

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos

Scores

CVSS v3 8.6

EPSS 0.0197

EPSS Percentile 77.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (3)

cisco/adaptive_security_appliance_software < 9.4.4.34

cisco/adaptive_security_appliance_software 9.5 - 9.6.4.25

cisco/firepower_threat_defense < 6.2.3.12

Published May 03, 2019

Tracked Since Feb 18, 2026