Lucene search

CiscoCISCO-SA-20161019-FPSNORT

HistoryOct 19, 2016 - 4:00 p.m.

Cisco Firepower Detection Engine HTTP Denial of Service Vulnerability

2016-10-1916:00:00

tools.cisco.com

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

68.4%

JSON

A vulnerability in the detection engine reassembly of HTTP packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting.

The vulnerability is due to improper handling of an HTTP packet stream. An attacker could exploit this vulnerability by sending a crafted HTTP packet stream to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort”]

Affected configurations

Vulners

Node

ciscofirepower_management_centerMatch5.4

ciscofirepower_management_centerMatch6.0

ciscofirepower_management_centerMatch5.3

ciscofirepower_management_centerMatchany

ciscofirepower_management_centerMatch5.4.1.3

ciscofirepower_management_centerMatch5.4.1.5

ciscofirepower_management_centerMatch5.4.1.4

ciscofirepower_management_centerMatch5.4.1.2

ciscofirepower_management_centerMatch5.4.1.1

ciscofirepower_management_centerMatch5.4.1

ciscofirepower_management_centerMatch5.4.0

ciscofirepower_management_centerMatch5.4.0.2

ciscofirepower_management_centerMatch5.4.1.6

ciscofirepower_management_centerMatchany

ciscofirepower_management_centerMatch6.0.0

ciscofirepower_management_centerMatch6.0.1

ciscofirepower_management_centerMatch6.0.0.1

ciscofirepower_management_centerMatch6.0.0.0

ciscofirepower_management_centerMatch5.3.0.2

ciscofirepower_management_centerMatch5.3.1.6

ciscofirepower_management_centerMatch5.3.1.5

ciscofirepower_management_centerMatch5.3.1.4

ciscofirepower_management_centerMatch5.3.1.3

ciscofirepower_management_centerMatch5.3.0.3

ciscofirepower_management_centerMatch5.3.0

ciscofirepower_management_centerMatch5.3.1

ciscofirepower_management_centerMatch5.3.0.4

VendorProductVersionCPE
ciscofirepower_management_center5.4cpe:2.3:a:cisco:firepower_management_center:5.4:*:*:*:*:*:*:*
ciscofirepower_management_center6.0cpe:2.3:a:cisco:firepower_management_center:6.0:*:*:*:*:*:*:*
ciscofirepower_management_center5.3cpe:2.3:a:cisco:firepower_management_center:5.3:*:*:*:*:*:*:*
ciscofirepower_management_centeranycpe:2.3:a:cisco:firepower_management_center:any:*:*:*:*:*:*:*
ciscofirepower_management_center5.4.1.3cpe:2.3:a:cisco:firepower_management_center:5.4.1.3:*:*:*:*:*:*:*
ciscofirepower_management_center5.4.1.5cpe:2.3:a:cisco:firepower_management_center:5.4.1.5:*:*:*:*:*:*:*
ciscofirepower_management_center5.4.1.4cpe:2.3:a:cisco:firepower_management_center:5.4.1.4:*:*:*:*:*:*:*
ciscofirepower_management_center5.4.1.2cpe:2.3:a:cisco:firepower_management_center:5.4.1.2:*:*:*:*:*:*:*
ciscofirepower_management_center5.4.1.1cpe:2.3:a:cisco:firepower_management_center:5.4.1.1:*:*:*:*:*:*:*
ciscofirepower_management_center5.4.1cpe:2.3:a:cisco:firepower_management_center:5.4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firepower_management_center	5.4	cpe:2.3:a:cisco:firepower_management_center:5.4:::::::*
cisco	firepower_management_center	6.0	cpe:2.3:a:cisco:firepower_management_center:6.0:::::::*
cisco	firepower_management_center	5.3	cpe:2.3:a:cisco:firepower_management_center:5.3:::::::*
cisco	firepower_management_center	any	cpe:2.3:a:cisco:firepower_management_center:any:::::::*
cisco	firepower_management_center	5.4.1.3	cpe:2.3:a:cisco:firepower_management_center:5.4.1.3:::::::*
cisco	firepower_management_center	5.4.1.5	cpe:2.3:a:cisco:firepower_management_center:5.4.1.5:::::::*
cisco	firepower_management_center	5.4.1.4	cpe:2.3:a:cisco:firepower_management_center:5.4.1.4:::::::*
cisco	firepower_management_center	5.4.1.2	cpe:2.3:a:cisco:firepower_management_center:5.4.1.2:::::::*
cisco	firepower_management_center	5.4.1.1	cpe:2.3:a:cisco:firepower_management_center:5.4.1.1:::::::*
cisco	firepower_management_center	5.4.1	cpe:2.3:a:cisco:firepower_management_center:5.4.1:::::::*

Rows per page:

1-10 of 261

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161019-fpsnort

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

68.4%

JSON

Related for CISCO-SA-20161019-FPSNORT