Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability
Vulnerability Description
A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only.
CVSS Information
N/A
Vulnerability Type
资源管理错误
Vulnerability Title
Cisco Firepower Threat Defense 资源管理错误漏洞
Vulnerability Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD 6.4.0.9之前版本和6.5.0.5之前版本中会话超时(用于管理连接)的处理方法存在资源管理错误漏洞。攻击者可通过向受影响的设备持续发送大量特制远程管理连接利用该漏洞导致远程管理界面或Cisco Firepower Threat Defense停止响应,并使其他管理功能脱机,从而导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A