Posts for: #7.3

Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities

🚨 SEVERITY: MEDIUM — CVSS 6.5 Security Advisory

TL;DR 📌

Multiple Cisco products are affected by vulnerabilities in the Snort 3 MIME Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or restart, leading to a denial of service. Cisco has released software updates to address these vulnerabilities, but no workarounds are available.

What happened 🕵️‍♂️

Cisco has identified vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder within Snort 3, which could be exploited by an unauthenticated remote attacker. These vulnerabilities may lead to the disclosure of sensitive information or cause the Snort 3 Detection Engine to restart unexpectedly, resulting in a denial of service (DoS) condition.


Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Rules Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Software that allows an unauthenticated remote attacker to bypass access control rules for loopback interfaces. No workarounds are available; software updates are necessary to mitigate the risk.

What happened 🕵️‍♂️

Cisco has disclosed a vulnerability in the access control rules implementation for loopback interfaces in its Secure Firewall ASA and FTD Software. This flaw could enable an unauthenticated remote attacker to send traffic that should be blocked to a loopback interface, effectively bypassing configured access control rules. The vulnerability arises from improper enforcement of these rules, posing a potential risk to network security.


Cisco Secure Firewall Threat Defense Software Snort 3 Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 8.6 Security Advisory

TL;DR 📌

A high-severity denial of service (DoS) vulnerability has been identified in the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense Software. An unauthenticated remote attacker can exploit this issue, leading to potential service disruptions. Cisco has released software updates to address this vulnerability, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service condition on affected devices. This issue arises from incorrect processing of traffic being inspected, which can lead to an infinite loop during traffic inspection. Although the system watchdog will automatically restart the Snort process, the vulnerability poses a significant risk of service interruption.
