Executive Summary

Summary
Title Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
Informations
Name cisco-sa-20181003-ftd-inspect-dos First vendor Publication 2018-10-03
Vendor Cisco Last vendor Modification 2018-10-03
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.1 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

The vulnerability exists because the affected software fails to release spinlocks when a device is running low on system memory, if the software is configured to apply FTP inspection and an access control rule to transit traffic, and the access control rule is associated with an FTP file policy. An attacker could exploit this vulnerability by sending a high rate of transit traffic through an affected device to cause a low-memory condition on the device. A successful exploit could allow the attacker to cause a software panic on the affected device, which could cause the device to reload and result in a temporary DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos"]

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJbtOqxXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfcz1qwP/i9RYn7dmYOL2DJPPV+8VE+sBu6L ZB4QBxwT3uvYAsYJiCXyfpcIqDNiVPOwEH2rVT5gTMgMXulagBUr4vBZE9iebuUi syRAY8BUxB+zsYVqWN97/gLiZZgINfHsOUfJ6J1tGhAU21Qx1ht5jWxCb7RsCjIj 8D6jIQC7laPjxuRiwgbBTEjcxUK2VL3xgtQuN/+tFttzUAPYxC86ykJtZifv7B2e YcMxabNdJ9VXb4qyIicKJU8u+vUsCzysKw21Sl6WqxckvpPsFypqzUd4MSetOJUC YqyUbCKa8xzA6+IS7Pb5yaF4P84TqbCOk4PEBvJ3nAk/KbX53lcVoJkY8oFyglNM CSCL0S3YwQIUKuSG5ydb5I3XW71rV5GbpTDHHBA2ky1roaugcViMy3TAPBbSv0tW xqazKXvKWSZrWSsAi2sQ6EaGTFL2x8qFQXs1XNlzpoYFb7uctTA0n7eu/EX1e8oM o3Bqv9RTH/TFLqB68kpm1IrrKl+hfYXU055vHPGuEV5tTlbeHAquj61rffgTlY2A 71M5dcf1+uaE3NSzfbUufYDlof3EaJ+xQ7aLStT16qQXEPBoyYHK3FDHDsYo6pdM 7uhW77LhYX/accdeiqG7PdlHLwbF1vcam+sZd2xdeGB4jNdQzBG/leXwjpL7teRA uP8TVW7Y7fVEAbMp =tqt5 END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-667 Insufficient Locking

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 41
Os 1

Nessus® Vulnerability Scanner

Date Description
2018-10-04 Name : The remote device is missing a vendor-supplied security patches.
File : cisco-sa-20181003-ftd-inspect-dos.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2018-12-31 21:21:49
  • Multiple Updates
2018-10-05 21:21:50
  • Multiple Updates
2018-10-03 21:19:37
  • First insertion