Описание
A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.
Ссылки
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Одновременно
Одно из
Одно из
Одно из
EPSS
6.8 Medium
CVSS3
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition.
Уязвимость функции TCP Proxy межсетевых экранов Cisco Adaptive Security Appliance и Cisco Firepower Threat Defense, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS3
7.5 High
CVSS3
7.8 High
CVSS2