Cisco Firepower Threat Defense Software denial of service | CVE-2022-20767
NAME
Cisco Firepower Threat Defense Software denial of service
- Platforms Affected:
Cisco Firepower Threat Defense (FTD) Software 6.2.0
Cisco Firepower Threat Defense (FTD) Software 6.2.1
Cisco Firepower Threat Defense (FTD) Software 6.2.2
Cisco Firepower Threat Defense (FTD) Software 6.2.3
Cisco Firepower Threat Defense (FTD) Software 6.5.0
Cisco Firepower Threat Defense (FTD) Software 6.3.0
Cisco Firepower Threat Defense (FTD) Software 6.4.0
- Risk Level:
8.6
- Exploitability:
Unproven
- Consequences:
Denial of Service
DESCRIPTION
Cisco Firepower Threat Defense Software is vulnerable to a denial of service, caused by improper handling of the DNS reputation enforcement rule in the Snort rule evaluation function. By sending specially-crafted UDP packets, a remote attacker could exploit this vulnerability to cause traffic that is going through the affected device to be dropped.
CVSS 3.0 Information
- Privileges Required: None
- User Interaction: None
- Scope: Changed
- Access Vector: Network
- Access Complexity: Low
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High
- Remediation Level: Official Fix
MITIGATION
Refer to Cisco Security Advisory cisco-sa-FTD-snort3-DOS-Aq38LVdM for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FTD-snort3-DOS-Aq38LVdM
- Reference Link:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20767