CVE-2018-0370

Name of the Vulnerable Software and Affected Versions Cisco Firepower System Software (affected versions not specified)

Description A vulnerability in the detection engine could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory, slowing down traffic processing. This issue is due to improper handling of traffic when the Secure Sockets Layer (SSL) inspection policy is enabled. An attacker could exploit this by sending malicious traffic through an affected device, increasing the resource consumption of a single instance of the Snort detection engine, leading to performance degradation and eventually the restart of the affected Snort process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.