Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to a lack of proper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, which causes a DoS condition on the affected device. The device must be manually reloaded to recover.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Cisco Firepower Threat Defense 缓冲区错误漏洞
Vulnerability Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower Threat Defense Software 存在缓冲区错误漏洞,该漏洞源于在无法建立 SSH 会话时缺乏正确的错误处理。攻击者可以通过向实例发送高频率的精心设计的 SSH 连接来利用此漏洞。成功的利用可能允许攻击者造成资源耗尽,从而导致受影响设备出现 DoS 条件。必须手动重新加载设备才能恢复。
CVSS Information
N/A
Vulnerability Type
N/A