PT-2017-16156 · Cisco · Cisco Firepower System
Published
2017-04-07
·
Updated
2024-11-26
·
CVE-2017-3885
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Firepower System Software versions 6.0.0 through 6.2.1
Description
A vulnerability in the detection engine's reassembly of Secure Sockets Layer (SSL) packets could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition by driving the Snort process to consume a high level of CPU resources. The vulnerable code path is reached only when the device is configured with an SSL policy that contains at least one rule specifying traffic decryption; devices that do not decrypt SSL traffic are not exposed. Consistent with the CVSS vector above, the attack is network-reachable, requires no authentication, and affects availability only.
Recommendations
For versions 6.0.0 through 6.2.1, upgrade to a Cisco release that addresses CVE-2017-3885. Where an immediate upgrade is not possible, disabling the SSL policy (or the rules in it that specify traffic decryption) removes the vulnerable code path as a temporary workaround, at the cost of losing inspection of decrypted traffic while the workaround is in place. Monitor CPU utilization of the Snort processes on affected devices so that exploitation attempts are detected rather than going unnoticed.
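The symptom this advisory describes is Snort processes pinned at high CPU. As an added monitoring example (not from the advisory and not Cisco's code), the following Python script parses batch-mode `top -b -n 1` output, as can be collected from the Linux shell of an affected device, and flags Snort processes above a CPU threshold. The sample `top` output, the process names and PIDs, and the 90 % threshold are constructed for illustration and are assumptions, not values taken from the advisory.

```python
"""Flag Snort processes consuming an abnormal share of CPU.

Added example, not part of the advisory or of Cisco's software. It parses
the batch-mode output of `top -b -n 1` and reports snort processes at or
above a CPU threshold. SAMPLE_TOP below is constructed for illustration.
"""
from dataclasses import dataclass

# Constructed sample: two of three snort workers pinned near 100 % CPU.
SAMPLE_TOP = """\
top - 10:02:11 up 12 days,  3:14,  1 user,  load average: 7.92, 6.50, 4.11
Tasks: 213 total,   4 running, 209 sleeping,   0 stopped,   0 zombie
%Cpu(s): 96.3 us,  2.1 sy,  0.0 ni,  1.2 id,  0.0 wa,  0.0 hi,  0.4 si,  0.0 st
KiB Mem : 16266120 total,  1433456 free,  9812004 used,  5020660 buff/cache
  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
 4111 root      20   0 2938624   1.9g  43212 R  99.7 12.2 312:40.11 snort
 4112 root      20   0 2938624   1.9g  43212 R  98.9 12.2 310:12.55 snort
 4113 root      20   0 2938624   1.9g  43212 S   3.4 12.2  45:01.02 snort
  917 root      20   0  412300  28012   9120 S   0.7  0.2   5:10.77 sfmgr
    1 root      20   0  114572   5812   3940 S   0.0  0.0   0:09.31 init
"""


@dataclass
class Proc:
    pid: int
    command: str
    cpu: float


def parse_top(text: str) -> list[Proc]:
    """Parse the process table from `top -b -n 1` output.

    Lines before the 'PID USER ...' header (summary block) are skipped.
    Columns: PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND,
    so %CPU is field 8 and COMMAND is field 11.
    """
    procs: list[Proc] = []
    header_seen = False
    for line in text.splitlines():
        if not header_seen:
            if line.lstrip().startswith("PID "):
                header_seen = True
            continue
        fields = line.split()
        if len(fields) < 12:
            continue
        try:
            pid = int(fields[0])
            cpu = float(fields[8])
        except ValueError:
            continue  # malformed row, ignore
        procs.append(Proc(pid=pid, command=fields[11], cpu=cpu))
    return procs


def busy_snort(procs: list[Proc], threshold: float = 90.0,
               name: str = "snort") -> list[Proc]:
    """Return snort processes whose %CPU is at or above `threshold`."""
    return [p for p in procs if p.command == name and p.cpu >= threshold]


def snort_saturated(procs: list[Proc], threshold: float = 90.0,
                    min_fraction: float = 0.5, name: str = "snort") -> bool:
    """True when at least `min_fraction` of the snort workers are busy.

    A single busy worker can be normal load; most workers pinned at once
    is the resource-exhaustion pattern worth alerting on.
    """
    workers = [p for p in procs if p.command == name]
    if not workers:
        return False
    busy = busy_snort(workers, threshold, name)
    return len(busy) / len(workers) >= min_fraction


if __name__ == "__main__":
    table = parse_top(SAMPLE_TOP)
    for p in busy_snort(table):
        print(f"snort pid {p.pid} at {p.cpu:.1f}% CPU")
    print("saturated:", snort_saturated(table))
```

In production, feed the script live `top -b -n 1` output instead of SAMPLE_TOP and raise an alert when `snort_saturated` stays true across several consecutive samples; a single sample can reflect a transient traffic burst.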
Weakness Enumeration
Resource Exhaustion
Related Identifiers
CVE-2017-3885
Affected Products
Cisco Firepower System