Denial of Service Vulnerability in Cisco Firepower System Software
CVE-2016-6368
8.6 HIGH
What is CVE-2016-6368?
A vulnerability exists in the Cisco Firepower System Software due to improper input validation in the detection engine's handling of Pragmatic General Multicast (PGM) protocol packets. An unauthenticated, remote attacker can exploit this weakness by sending specially crafted PGM packets, potentially resulting in a denial of service as the Snort process may unexpectedly restart. This can lead to traffic inspection being bypassed or traffic being dropped, impacting network security and availability. The vulnerability affects various Cisco security appliances that have file action policies configured.
Affected Version(s)
Cisco Firepower Detection Engine