漏洞标题
Cisco Firewall Power Threat Defense软件 DNS enforcement 拒绝服务漏洞
漏洞描述信息
思科Firepower威胁防御软件DNS执行拒绝服务漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
漏洞类别
N/A
漏洞标题
Cisco Firepower Threat Defense Software DNS Enforcement Denial of Service Vulnerability
漏洞描述信息
A vulnerability in the Snort rule evaluation function of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of the DNS reputation enforcement rule. An attacker could exploit this vulnerability by sending crafted UDP packets through an affected device to force a buildup of UDP connections. A successful exploit could allow the attacker to cause traffic that is going through the affected device to be dropped, resulting in a DoS condition. Note: This vulnerability only affects Cisco FTD devices that are running Snort 3.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
漏洞类别
资源管理错误
漏洞标题
Cisco Firepower Threat Defense 资源管理错误漏洞
漏洞描述信息
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower Threat Defense (FTD)存在资源管理错误漏洞,该漏洞源于对 DNS 信誉强制规则处理不当。攻击者可利用该漏洞在受影响的设备上造成拒绝服务条件 (DoS)。
CVSS信息
N/A
漏洞类别
资源管理错误