Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Cisco Products Snort Rule Denial of Service Vulnerability
Vulnerability Description
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Vulnerability Type
非预期数据类型处理不恰当
Vulnerability Title
Cisco Products Snort 安全漏洞
Vulnerability Description
Cisco Products Snort是美国思科(Cisco)公司的一个用于思科产品的Snort引擎。 Cisco Products Snort Rule 存在安全漏洞,该漏洞源于在没有适当约束的情况下配置规则时,对Block with Reset或Interactive Block with Reset操作的不当处理造成的。攻击者可以通过向受影响的设备发送精心设计的 IP 数据包来利用此漏洞。成功的利用可能允许攻击者导致直通流量被丢弃。
CVSS Information
N/A
Vulnerability Type
N/A