TL;DR 📌

Multiple Cisco products are affected by vulnerabilities in the Snort 3 MIME Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or restart, leading to a denial of service. Cisco has released software updates to address these vulnerabilities, but no workarounds are available.

What happened 🕵️‍♂️

Cisco has identified vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder within Snort 3, which could be exploited by an unauthenticated remote attacker. These vulnerabilities may lead to the disclosure of sensitive information or cause the Snort 3 Detection Engine to restart unexpectedly, resulting in a denial of service (DoS) condition.