Executive Summary
Summary | |
---|---|
Title | Cisco Firepower Detection Engine IPv6 Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20171004-fpsnort | First vendor Publication | 2017-10-04 |
Vendor | Cisco | Last vendor Modification | 2017-10-04 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due to improper input validation of the fields in the IPv6 extension header packet. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. This vulnerability is specific to IPv6 traffic only. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-fpsnort ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-fpsnort"] BEGIN PGP SIGNATURE iQKBBAEBAgBrBQJZ1QWHZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHnxFg//YrKL+b2N3uMJH5Y1 irhUd5kXgaKFXxCxBLXTdGCaFvJRuSSCAAT2y9TwjhpZAKgAJRZrAZLegLT/EKr0 MS5dQpMTFp8ThyOiqhJYKCN9WDP8ZevEZNihbo/ySjZKpNgsoph9melb7ertmfBo tkbk0B3Q47KlqyyWg4mgjLoW5eF/bmW3pMplpoRVgm6DRmVYN5DacTmYSMJYZn/j DKV20SOMVuKOQ8evcUdY/fPerbtSegCkz1N5u+bN+3qfyLefBo1i5t0y/EkJ678z bKDwNcFGgCduS0rFPqBcmmgG/a1Tq4C9dzDH7/vSIsLVKsvUgBocs+xZAoc5tzn8 NEI1n/Su4pHGPrGFS+psATgenVhQjHCSg13nyBUXMyq9AEdzodre5ARzDzE6mU5a YcHEK3q4gljXRQE8NhnhKaOZ06ZzEA0qJLgq9I8rpp7LhySFF1Jk7UlDjZskWrX9 LTT0JKFQsabmDGIx7xxWmT/POGgzE3gDR3lWnWovuzLVexRKGhsIUDlUeYQBo1ii 4WU+7GUGo6v54cRiT1rr0qIWb36ldZKHOdvDEPreFW5ldcAigRdhFGDfG+VSdgcH nmLYYiJBlfTvZn0LyfKnhlWweg2oVPEnuDscYth3r76A/kAbZFyVL5zXWs9tcwi6 CvZO17m3vPXUbjjIu+XvQuGGE34= =F3iZ END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-10-12 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20171004-ftd-firepower_threat_defense.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-10-20 21:25:38 |
|
2017-10-13 13:25:48 |
|
2017-10-05 13:26:50 |
|
2017-10-04 21:22:28 |
|