Vulnerabilities > CVE-2018-0227 - Improper Certificate Validation vulnerability in Cisco products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
cisco
CWE-295
nessus

Summary

A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. The vulnerability is due to incorrect verification of the SSL Client Certificate. An attacker could exploit this vulnerability by connecting to the ASA VPN without a proper private key and certificate pair. A successful exploit could allow the attacker to establish an SSL VPN connection to the ASA when the connection should have been rejected. This vulnerability affects Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliances (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliances (ASAv), Firepower 4110 Security Appliances, Firepower 9300 ASA Security Modules. Cisco Bug IDs: CSCvg40155.

Vulnerable Configurations

Part Description Count
OS
Cisco
21
Application
Cisco
14

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Creating a Rogue Certificate Authority Certificate
    An attacker exploits a weakness in the MD5 hash algorithm (weak collision resistance) to generate a certificate signing request (CSR) that contains collision blocks in the "to be signed" part. The attacker specially crafts two different, but valid X.509 certificates that when hashed with the MD5 algorithm would yield the same value. The attacker then sends the CSR for one of the certificates to the Certification Authority which uses the MD5 hashing algorithm. That request is completely valid and the Certificate Authority issues an X.509 certificate to the attacker which is signed with its private key. An attacker then takes that signed blob and inserts it into another X.509 certificate that the attacker generated. Due to the MD5 collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the attackers' second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority. To make the attack more interesting, the second certificate could be not just a regular certificate, but rather itself a signing certificate. Thus the attacker is able to start their own Certification Authority that is anchored in its root of trust in the legitimate Certification Authority that has signed the attackers' first X.509 certificate. If the original Certificate Authority was accepted by default by browsers, so will now the Certificate Authority set up by the attacker and of course any certificates that it signs. So the attacker is now able to generate any SSL certificates to impersonate any web server, and the user's browser will not issue any warning to the victim. This can be used to compromise HTTPS communications and other types of systems where PKI and X.509 certificates may be used (e.g., VPN, IPSec) .

Nessus

  • NASL familyCISCO
    NASL idCISCO-SA-20180418-ASA1.NASL
    descriptionAccording to its self-reported version the Cisco Adaptive Security Appliance (ASA) software running on the remote device is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisories for more information.
    last seen2020-06-01
    modified2020-06-02
    plugin id109404
    published2018-04-27
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/109404
    titleCisco ASA Multiple Vulnerabilities (cisco-sa-20180418-asa1 / cisco-sa-20180418-asa2 / cisco-sa-20180418-asa3 / cisco-sa-20180418-asaanyconnect / cisco-sa-20180418-asa_inspect)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(109404);
      script_version("1.7");
      script_cvs_date("Date: 2020/01/17");
    
      script_cve_id(
        "CVE-2018-0227",
        "CVE-2018-0228",
        "CVE-2018-0229",
        "CVE-2018-0231",
        "CVE-2018-0240"
      );
      script_bugtraq_id(103934, 103939);
      script_xref(name:"CISCO-BUG-ID", value:"CSCvg40155");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvf63718");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve18902");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve34335");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve38446");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvg65072");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvh87448");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve61540");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvh23085");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvh95456");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa1");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa2");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa3");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asaanyconnect");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa_inspect");
    
      script_name(english:"Cisco ASA Multiple Vulnerabilities (cisco-sa-20180418-asa1 / cisco-sa-20180418-asa2 / cisco-sa-20180418-asa3 / cisco-sa-20180418-asaanyconnect / cisco-sa-20180418-asa_inspect)");
      script_summary(english:"Checks the ASA version.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote device is missing a vendor-supplied security patch.");
      script_set_attribute(attribute:"description", value:
    "According to its self-reported version the Cisco Adaptive Security
    Appliance (ASA) software running on the remote device is affected by
    multiple vulnerabilities. Please see the included Cisco BIDs and Cisco
    Security Advisories for more information.");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3022fd51");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d86bee0f");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?72e6e924");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?496f5656");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dcd24031");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg40155");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf63718");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve18902");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve34335");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve38446");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg65072");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh87448");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve61540");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh23085");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh95456");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to the relevant fixed version referenced in Cisco security
    advisory cisco-sa-20180418-asa1.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-0227");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/27");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:adaptive_security_appliance_software");
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CISCO");
    
      script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
      script_require_keys("Host/Cisco/ASA", "Host/Cisco/ASA/model", "Settings/ParanoidReport");
    
      exit(0);
    }
    
    include("audit.inc");
    include("cisco_func.inc");
    include("cisco_kb_cmd_func.inc");
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    asa = get_kb_item_or_exit('Host/Cisco/ASA');
    model = get_kb_item_or_exit('Host/Cisco/ASA/model');
    
    version = extract_asa_version(asa);
    if (isnull(version)) audit(AUDIT_FN_FAIL, 'extract_asa_version');
    
    if (
      model !~ '^55[0-9][0-9]($|[^0-9])' && # 5500 & 5500-X
      model !~ '^65[0-9][0-9]($|[^0-9])' && # 6500
      model !~ '^76[0-9][0-9]($|[^0-9])' && # 7600
      model !~ '^93[0-9][0-9]($|[^0-9])' && # Firepower 9300 ASA
      model !~ '^21[0-9][0-9]($|[^0-9])' && # Firepower 2100 SSA
      model !~ '^411[0-9]($|[^0-9])'     && # Firepower 4110 SA
      model !~ '^30[0-9][0-9]($|[^0-9])' && # ISA 3000
      model != 'v' # ASAv
    ) audit(AUDIT_HOST_NOT, "an affected Cisco ASA product");
    
    cbi = 'CSCvg40155, CSCvf63718, CSCve18902, CSCve34335, CSCve38446, CSCvg65072, CSCvh87448, CSCve61540, CSCvh23085, and CSCvh95456';
    
    if (version =~ "^[0-8]\.")
      fixed_ver = "9.1(7.20)";
    else if (version =~ "^9\.0[^0-9]")
      fixed_ver = "9.1(7.20)";
    else if (version =~ "^9\.1[^0-9]" && check_asa_release(version:version, patched:"9.1(7.20)"))
      fixed_ver = "9.1(7.20)";
    else if (version =~ "^9\.2[^0-9]" && check_asa_release(version:version, patched:"9.2(4.27)"))
      fixed_ver = "9.2(4.27)";
    else if (version =~ "^9\.3[^0-9]")
      fixed_ver = "9.4(4.14)";
    else if (version =~ "^9\.4[^0-9]" && check_asa_release(version:version, patched:"9.4(4.14)"))
      fixed_ver = "9.4(4.14)";
    else if (version =~ "^9\.5[^0-9]")
      fixed_ver = "9.6(4.6)";
    else if (version =~ "^9\.6[^0-9]" && check_asa_release(version:version, patched:"9.6(4.6)"))
      fixed_ver = "9.6(4.6)";
    else if (version =~ "^9\.7[^0-9]" && check_asa_release(version:version, patched:"9.7(1.24)"))
      fixed_ver = "9.7(1.24)";
    else if (version =~ "^9\.8[^0-9]" && check_asa_release(version:version, patched:"9.8(2.28)"))
      fixed_ver = "9.8(2.28)";
    else if (version =~ "^9\.9[^0-9]" && check_asa_release(version:version, patched:"9.9(2.1)"))
      fixed_ver = "9.9(2.1)";
    else audit(AUDIT_INST_VER_NOT_VULN, "Cisco ASA software", version);
    
    security_report_cisco(
        port     : 0,
        severity : SECURITY_WARNING,
        version  : version,
        bug_id   : cbi,
        fix      : fixed_ver
    );
    
    
  • NASL familyCISCO
    NASL idCISCO-SA-20180418-ASA1-FTD.NASL
    descriptionAccording to its self-reported version the Cisco Firepower Threat Defense (FTD) software running on the remote device is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisories for more information. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id133044
    published2020-01-17
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133044
    titleCisco FTD Multiple Vulnerabilities (cisco-sa-20180418-asa1 / cisco-sa-20180418-asa2 / cisco-sa-20180418-asa3 / cisco-sa-20180418-asaanyconnect / cisco-sa-20180418-asa_inspect)
    code
    #TRUSTED 3e639d33eb12b2a6998ea518129607fad3de3c5de6d14a65229c9ffd9f0f21af937c7bdb8fbb8a739f878c05e63fd61f2ff24cc32003b37b17d580b295b30ed119d00636a08aff1f04fe9aa65ddf004e361766498f7d6d1c0b02b2f3de946e7529769c7af4bcf4b6217fe287cefd5d032d5ac29c2be12e956641030dda24ce964cf9c8a86ca3e0e05e5a39b38573b3daf4e1c19aa9a3c405bf463443dbab1fbe8dddcfca4f7a591b4b466fb3c71e0d5fe9895dafde4d47983950f17b0e2a95354957675d9bba53484deafe993c15ed7cb5fdcfee0c0bd1f151568d7c9c46a02aadb6c9541683eace90af39fea052facfaf37109c120f8e5903b87dc91f05bb3c45ff23f247101c50c18b719b0106bb2c0b30ea8524ed3a077175822a25d2f7ab3649b6b7585a3f27b3fcf2ea58ee1bd6ca9b7a2392e0c005c9d3c587c35ac6ab5c2c09ddc76ed5ed8d9556c5294dc51ad2ce61ba5aff775796defcfa6e59bfcaf0338e61afe46910a91c8fd9864b555e8e870aa536731595a5e0ae129164f36669250e3d2717a27d83062b5ec37b834e238263be4076820d6bd6fb9b6cc9e4dd4fac845b985d21819fabbae24a7cd3adbd6cbff0b39a66f0d31e6ec400c6e67103ef5eb507d267053d1ee00607c6fa96d1c7c096dd239778d90b3e6e41d3dd64b61e08b355b53cb69f92538fd3e8e55bc44955a5b5a54b3c24faa890a0ad8832
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133044);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/17");
    
      script_cve_id(
        "CVE-2018-0227",
        "CVE-2018-0228",
        "CVE-2018-0229",
        "CVE-2018-0231",
        "CVE-2018-0240"
      );
      script_bugtraq_id(103934, 103939);
      script_xref(name:"CISCO-BUG-ID", value:"CSCvg40155");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvf63718");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve18902");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve34335");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve38446");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvg65072");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvh87448");
      script_xref(name:"CISCO-BUG-ID", value:"CSCve61540");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvh23085");
      script_xref(name:"CISCO-BUG-ID", value:"CSCvh95456");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa1");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa2");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa3");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asaanyconnect");
      script_xref(name:"CISCO-SA", value:"cisco-sa-20180418-asa_inspect");
    
      script_name(english:"Cisco FTD Multiple Vulnerabilities (cisco-sa-20180418-asa1 / cisco-sa-20180418-asa2 / cisco-sa-20180418-asa3 / cisco-sa-20180418-asaanyconnect / cisco-sa-20180418-asa_inspect)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote device is missing a vendor-supplied security patch.");
      script_set_attribute(attribute:"description", value:
    "According to its self-reported version the Cisco Firepower Threat Defense (FTD) software running on the remote device
    is affected by multiple vulnerabilities. Please see the included Cisco BIDs and Cisco Security Advisories for more
    information.
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3022fd51");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d86bee0f");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?72e6e924");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?496f5656");
      # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?dcd24031");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg40155");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvf63718");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve18902");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve34335");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve38446");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvg65072");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh87448");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCve61540");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh23085");
      script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh95456");
      script_set_attribute(attribute:"solution", value:
    "Upgrade to the relevant fixed version referenced in Cisco security
    advisory cisco-sa-20180418-asa1.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-0227");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/18");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/04/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/17");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:firepower");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:firepower_threat_defense");
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"CISCO");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl", "cisco_asa_firepower_version.nasl", "cisco_enumerate_firepower.nbin");
      script_require_keys("installed_sw/Cisco Firepower Threat Defense", "Settings/ParanoidReport");
    
      exit(0);
    }
    
    include('vcf.inc');
    include('audit.inc');
    include('cisco_workarounds.inc');
    include('ccf.inc');
    
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    app = 'Cisco Firepower Threat Defense';
    
    # Based on the advisory, it seems we're looking only for FTD and not FXOS
    app_info = vcf::get_app_info(app:app);
    product_info = make_array('model' , app_info['Model'], 'version' , app_info['version'], 'name', app);
    
    model = product_info['model'];
    
    if (
      model !~ '^55[0-9][0-9]($|[^0-9])' && # 5500 & 5500-X
      model !~ '^65[0-9][0-9]($|[^0-9])' && # 6500
      model !~ '^76[0-9][0-9]($|[^0-9])' && # 7600
      model !~ '^93[0-9][0-9]($|[^0-9])' && # Firepower 9300 ASA
      model !~ '^21[0-9][0-9]($|[^0-9])' && # Firepower 2100 SSA
      model !~ '^411[0-9]($|[^0-9])'     && # Firepower 4110 SA
      model !~ '^30[0-9][0-9]($|[^0-9])' && # ISA 3000
      model != 'v' # FTD v
      )
      audit(AUDIT_HOST_NOT, 'an affected Cisco FTD product');
    
    vuln_ranges = [
      {'min_ver' : '6.0',  'fix_ver' : '6.1.0.6'},
      {'min_ver' : '6.2.0',  'fix_ver' : '6.2.0.5'},
      {'min_ver' : '6.2.1',  'fix_ver' : '6.2.2.2'},
      {'min_ver' : '6.2.3',  'fix_ver' : '6.2.3.1'}
    ];
    
    workarounds = make_list(CISCO_WORKAROUNDS['no_workaround']);
    workaround_params = make_list();
    
    cbi = 'CSCvg40155, CSCvf63718, CSCve18902, CSCve34335, CSCve38446, CSCvg65072, CSCvh87448, CSCve61540, CSCvh23085, and CSCvh95456';
    
    reporting = make_array(
      'port'     , 0,
      'severity' , SECURITY_WARNING,
      'version'  , product_info['version'],
      'bug_id'   , cbi
    );
    
    cisco::check_and_report(
      product_info:product_info,
      workarounds:workarounds,
      workaround_params:workaround_params,
      reporting:reporting,
      vuln_ranges:vuln_ranges
    );