Executive Summary

Title Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability
Name cisco-sa-20160504-firepower First vendor Publication 2016-05-04
Vendor Cisco Last vendor Modification 2016-05-04
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the packet processing functions of Cisco FirePOWER System Software could allow an unauthenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper packet handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-firepower

BEGIN PGP SIGNATURE Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJXKhrpAAoJEK89gD3EAJB53QoQANWskb8w7+58gNne3stwOPnO vWtuqUDXEIWn6rpcYOD0rJ4WGZN8EbEAO5EdlENj11OxH09FJYUxHD9V8QkUnLq2 8TOzPgyi3TITHAe2gH29US7QaiLxtZgarFtd26OKBX1tsqMUbDzcwhLFg7V9B5r7 XAIjP12OqWP2W0dtbritU4TBku5g6TV83Uj8CWLB7lqzoYKGzEZd6zlgflUB/5ej nc3xpoDC5oQwrftKE58Ea+tHIjCRkTL2kRx1bH+vQ2ewsFlvhXQ6LVR7c1zMBmAe xTuBN9SuNDt8KK9B8bBo0Qcu9UIBOKvNpPVWiTuhr2+SoEs5HLaEwyQQXkGs6yeK oM+IkuuHriZeq8T098hqOb+XO1hOTYJ1DVCRVpul5FUyMCsgg7+LDqPKJbuDORHq AizdNjIzc33V/zwNcIN9Y588788y1YDi5TTtS51h1slo2yOhMljwLL2IjTbkfQjE 5w/jqXSM2Em9U5ZPSJMW9b9MIdkFo48c7N1txCmvGDevDEQ5/RNjuzxixpeV0GeN jfYECZ/bYGn5JfCihWvmlL6zxE43WHnAeqzgTt/NTcLNWvdDQ6FTJwYUbdht3keY 8qIbyeVCkZg+QKBvW1ttgQoX1uYrE5Y2M6vXyhHHrR9FGTRVDZaExISI4QSwrPnG QfCvizSgZ8plD5iNahO8 =2cg8 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

Application 28

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-05-10 05:47:47
  • Multiple Updates
2016-05-04 21:27:12
  • First insertion