{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T01:13:50.605","vulnerabilities":[{"cve":{"id":"CVE-2018-0333","sourceIdentifier":"psirt@cisco.com","published":"2018-06-07T21:29:00.463","lastModified":"2024-11-26T16:09:02.407","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending packets through an interface on the targeted device. A successful exploit could allow the attacker to bypass configured VPN policies. Cisco Bug IDs: CSCvh49388."},{"lang":"es","value":"Una vulnerabilidad en la gestión de configuración de VPN del software Cisco FireSIGHT System podría permitir que un atacante remoto no autenticado omita la seguridad VPN debido a efectos secundarios no planeados de los cambios de configuración dinámica que podrían permitir que un atacante omita las políticas configuradas. La vulnerabilidad se debe a la gestión incorrecta de los nombres de interfaz configurados y a los parámetros VPN cuando se realizan cambios de configuración dinámicos en la interfaz de línea de comandos. Un atacante podría explotar esta vulnerabilidad enviando paquetes a través de una interfaz al dispositivo objetivo. Su explotación con éxito podría permitir que el atacante omita las políticas VPN configuradas. Cisco Bug IDs: CSCvh49388."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-693"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-693"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_firewall_management_center:6.2.2:*:*:*:*:*:*:*","matchCriteriaId":"3B5233F7-5743-467C-9C59-F5C51B47184A"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/104422","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-FireSIGHT-vpn-bypass","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104422","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-FireSIGHT-vpn-bypass","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}