Описание
A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.
Уязвимые конфигурации
Одно из
EPSS
8.6 High
CVSS3
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a buffer overflow that occurs when an affected device inspects certain FTP traffic. An attacker could exploit this vulnerability by performing a specific FTP transfer through the device. A successful exploit could allow the attacker to cause the device to reload.
Уязвимость шлюза прикладного уровня (ALG) и межсетевого экрана ZBFW операционной системы Cisco IOS XE, позволяющая нарушителю вызвать перезагрузку уязвимого устройства
EPSS
8.6 High
CVSS3
7.5 High
CVSS3
7.8 High
CVSS2