Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability
Vulnerability Description
Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to an error in the JSTokenizer normalization logic when the HTTP inspection normalizes JavaScript. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection that is parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine restarts unexpectedly. JSTokenizer is not enabled by default.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Cisco Secure Firewall Threat Defense和Cisco IOS XE Software 资源管理错误漏洞
Vulnerability Description
Cisco Secure Firewall Threat Defense和Cisco IOS XE Software都是美国思科(Cisco)公司的产品。Cisco Secure Firewall Threat Defense是一个集成式防火墙平台。Cisco IOS XE Software是一种网络操作系统。 Cisco Secure Firewall Threat Defense和Cisco IOS XE Software存在资源管理错误漏洞,该漏洞源于Snort 3检测引擎的JSTokenizer规
CVSS Information
N/A
Vulnerability Type
N/A