Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2024-10814

Опубликовано: 23 окт. 2024
Источник: fstec
CVSS3: 8.6
CVSS2: 7.8
EPSS Низкий

Описание

Уязвимость модуля Snort микропрограммного обеспечения межсетевых экранов Cisco Firepower Threat Defense (FTD) связана с неконтролируемым расходом ресурсов. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Вендор

Cisco Systems Inc.

Наименование ПО

Firepower Threat Defense
Snort

Версия ПО

6.2.3.16 (Firepower Threat Defense)
7.0.0 (Firepower Threat Defense)
7.2.0.1 (Firepower Threat Defense)
6.6.0.1 (Firepower Threat Defense)
6.6.5.1 (Firepower Threat Defense)
6.6.5.2 (Firepower Threat Defense)
7.0.0.1 (Firepower Threat Defense)
7.0.1 (Firepower Threat Defense)
7.0.1.1 (Firepower Threat Defense)
7.0.2 (Firepower Threat Defense)
7.0.2.1 (Firepower Threat Defense)
7.0.3 (Firepower Threat Defense)
7.0.4 (Firepower Threat Defense)
7.1.0.1 (Firepower Threat Defense)
7.1.0.2 (Firepower Threat Defense)
7.0.5 (Firepower Threat Defense)
7.1.0.3 (Firepower Threat Defense)
7.3.1.1 (Firepower Threat Defense)
6.2.3.3 (Firepower Threat Defense)
6.2.3.4 (Firepower Threat Defense)
6.2.3.5 (Firepower Threat Defense)
6.2.3.6 (Firepower Threat Defense)
6.2.3.7 (Firepower Threat Defense)
6.2.3.8 (Firepower Threat Defense)
6.2.3.9 (Firepower Threat Defense)
6.2.3.10 (Firepower Threat Defense)
6.2.3.11 (Firepower Threat Defense)
6.2.3.12 (Firepower Threat Defense)
6.2.3.13 (Firepower Threat Defense)
6.2.3.14 (Firepower Threat Defense)
6.2.3.15 (Firepower Threat Defense)
6.2.3.17 (Firepower Threat Defense)
6.2.3.18 (Firepower Threat Defense)
6.4.0.1 (Firepower Threat Defense)
6.4.0.2 (Firepower Threat Defense)
6.4.0.3 (Firepower Threat Defense)
6.4.0.4 (Firepower Threat Defense)
6.4.0.5 (Firepower Threat Defense)
6.4.0.6 (Firepower Threat Defense)
6.4.0.7 (Firepower Threat Defense)
6.4.0.8 (Firepower Threat Defense)
6.4.0.9 (Firepower Threat Defense)
6.4.0.10 (Firepower Threat Defense)
6.4.0.11 (Firepower Threat Defense)
6.4.0.12 (Firepower Threat Defense)
6.4.0.13 (Firepower Threat Defense)
6.4.0.14 (Firepower Threat Defense)
6.4.0.15 (Firepower Threat Defense)
6.4.0.16 (Firepower Threat Defense)
6.6.7.1 (Firepower Threat Defense)
6.7.0.1 (Firepower Threat Defense)
6.7.0.2 (Firepower Threat Defense)
6.7.0.3 (Firepower Threat Defense)
6.2.3.1 (Firepower Threat Defense)
6.2.3.2 (Firepower Threat Defense)
7.0.6 (Firepower Threat Defense)
7.2.4.1 (Firepower Threat Defense)
2 (Snort)
6.4.0.17 (Firepower Threat Defense)
7.0.6.1 (Firepower Threat Defense)
7.2.5.1 (Firepower Threat Defense)
7.3.1.2 (Firepower Threat Defense)
6.6.7.2 (Firepower Threat Defense)
7.2.5.2 (Firepower Threat Defense)
7.4.1.1 (Firepower Threat Defense)
6.4.0.18 (Firepower Threat Defense)
3 (Snort)

Тип ПО

ПО программно-аппаратного средства
Программное средство защиты

Операционные системы и аппаратные платформы

-

Уровень опасности уязвимости

Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 7,8)
Высокий уровень опасности (базовая оценка CVSS 3.0 составляет 8,6)

Возможные меры по устранению уязвимости

Использование рекомендаций производителя:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 74%
0.00833
Низкий

8.6 High

CVSS3

7.8 High

CVSS2

Связанные уязвимости

nvd логотип

CVE-2024-20351

CVSS3: 8.6
nvd
больше 1 года назад

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.

github логотип

GHSA-4qrp-r28g-j2vf

CVSS3: 8.6
github
больше 1 года назад

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.

EPSS

Процентиль: 74%
0.00833
Низкий

8.6 High

CVSS3

7.8 High

CVSS2