Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Secure Firewall Threat Defense Software Snort 3 Memory Management Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a logic error in memory management when a device is performing Snort 3 SSL packet inspection. An attacker could exploit this vulnerability by sending crafted SSL packets through an established connection to be parsed by the Snort 3 Detection Engine. A successful exploit could allow the attacker to cause a denial of service (DoS) condition when the Snort 3 Detection Engine unexpectedly restarts.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Type
在缓冲区结束位置之后访问内存
Vulnerability Title
Cisco Secure Firewall Threat Defense 安全漏洞
Vulnerability Description
Cisco Secure Firewall Threat Defense是美国思科(Cisco)公司的一个集成式防火墙平台。 Cisco Secure Firewall Threat Defense存在安全漏洞,该漏洞源于执行Snort 3 SSL数据包检查时内存管理逻辑错误,可能导致未经身份验证的远程攻击者发送特制SSL数据包,导致Snort 3检测引擎意外重启,引发拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A