Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-FTDSNORT3SIP-DOS-A4CHEARC
HistoryNov 09, 2022 - 4:00 p.m.

Cisco Firepower Threat Defense Software SIP and Snort 3 Detection Engine Denial of Service Vulnerability

2022-11-0916:00:00
tools.cisco.com
17
cisco
firepower threat defense
sip
snort 3
vulnerability
denial of service
software update
remote attack
dos
error-checking
security advisory
november 2022
cisco asa
fmc
cisco event response

0.001 Low

EPSS

Percentile

48.8%

JSON

A vulnerability in the interaction of SIP and Snort 3 for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart.

This vulnerability is due to a lack of error-checking when SIP bidirectional flows are being inspected by Snort 3. An attacker could exploit this vulnerability by sending a stream of crafted SIP traffic through an interface on the targeted device. A successful exploit could allow the attacker to trigger a restart of the Snort 3 process, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-dos-A4cHeArC”]

This advisory is part of the November 2022 release of the Cisco ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see Cisco Event Response: November 2022 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74838”].

Affected configurations

Vulners
Node
ciscofirepower_threat_defense_softwareMatch7.2
OR
ciscofirepowerMatchany
OR
ciscoasr_1000_series_softwareMatchany
OR
ciscoindustrial_network_directorMatchany
OR
cisconx-osMatchanynexus_9000_series
OR
ciscofirepowerMatchany
OR
ciscofirepower_management_center_virtual_applianceMatchany
OR
ciscopix_firewallMatchany
OR
ciscofirepower_threat_defense_softwareMatchany
OR
ciscofirepower_threat_defense_softwareMatch7.2.0
OR
ciscofirepower_threat_defense_softwareMatch7.2.0.1
OR
ciscofirepower_threat_defense_softwareMatch2100_series
OR
ciscofirepower_threat_defense_softwareMatch1000_series
OR
ciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscofirepower_threat_defense_softwareMatch9000_series
OR
ciscofirepower_threat_defense_softwareMatch4100_series
OR
ciscofirepower_threat_defense_softwareMatchany
OR
ciscofirepower_threat_defense_softwareMatch3100_series
OR
ciscofirepower_threat_defense_softwareMatchany
OR
ciscofirepower_threat_defense_softwareMatch2100_series
OR
ciscofirepower_threat_defense_softwareMatch1000_series
OR
ciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscofirepower_threat_defense_softwareMatch9000_series
OR
ciscofirepower_threat_defense_softwareMatch4100_series
OR
ciscofirepower_threat_defense_softwareMatch7.2.0_when_installed_on_cisco_firepower_ngfw_virtual
OR
ciscofirepower_threat_defense_softwareMatch3100_series
OR
ciscofirepower_threat_defense_softwareMatch2100_series
OR
ciscofirepower_threat_defense_softwareMatch1000_series
OR
ciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscofirepower_threat_defense_softwareMatch9000_series
OR
ciscofirepower_threat_defense_softwareMatch4100_series
OR
ciscofirepower_threat_defense_softwareMatch7.2.0.1_when_installed_on_cisco_firepower_ngfw_virtual
OR
ciscofirepower_threat_defense_softwareMatch3100_series

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2022-20950
2022-11-15 21:15:36
cve
cve
CVE-2022-20950
2022-11-15 21:15:36
prion
prion
Race condition
2022-11-15 21:15:00
cvelist
cvelist
CVE-2022-20950
2022-11-10 17:32:32

0.001 Low

EPSS

Percentile

48.8%

JSON
Related for CISCO-SA-FTDSNORT3SIP-DOS-A4CHEARC
nvd1cve1prion1cvelist1