Input validation

2021-10-2719:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.9%

JSON

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.

CPENameOperatorVersion
firepower_management_centereq3.1.0.1
firepower_threat_defensege7.0.0
firepower_threat_defenselt7.0.1
firepower_threat_defensege6.7.0
firepower_threat_defenselt6.7.0.3
firepower_threat_defensege6.6.0
firepower_threat_defenselt6.6.5.1
firepower_threat_defensege6.4.0
firepower_threat_defenselt6.4.0.13
snortge3.0.0.0

Name	Operator	Version
firepower_management_center	eq	3.1.0.1
firepower_threat_defense	ge	7.0.0
firepower_threat_defense	lt	7.0.1
firepower_threat_defense	ge	6.7.0
firepower_threat_defense	lt	6.7.0.3
firepower_threat_defense	ge	6.6.0
firepower_threat_defense	lt	6.6.5.1
firepower_threat_defense	ge	6.4.0
firepower_threat_defense	lt	6.4.0.13
snort	ge	3.0.0.0