PT-2021-7098 · Cisco · Cisco Ftd

Published: 2021-11-02 · Updated: 2022-05-13 · CVE-2022-20746

CVSS v3.1: 8.6 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Firepower Threat Defense (FTD) Software versions prior to 6.6.5.2
Cisco Firepower Threat Defense (FTD) Software versions prior to 7.1.0.1

Description

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by sending a crafted stream of TCP traffic through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Recommendations

For Cisco Firepower Threat Defense (FTD) Software versions prior to 6.6.5.2, update to version 6.6.5.2 or later.
For Cisco Firepower Threat Defense (FTD) Software versions prior to 7.1.0.1, update to version 7.1.0.1 or later.
As a temporary workaround, consider restricting access to the TCP proxy functionality until a patch is available.

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2022-03333
CVE-2022-20746

Affected Products

Cisco Ftd