Denial of Service Vulnerability in Cisco Firepower System Software
CVE-2018-0233

8.6HIGH

Key Information:

Vendor: Cisco
Status: Cisco Firepower Detection Engine
Vendor: CVE Published:; 19 April 2018

What is CVE-2018-0233?

A vulnerability exists in the SSL packet reassembly functionality of the detection engine within the Cisco Firepower System Software. This situation allows an unauthenticated, remote attacker to exploit the system by sending specially crafted SSL connections that could cause excessive memory consumption on the affected device. As a result, this may lead to a denial of service (DoS) condition. Recovery from this issue often requires manual rebooting of the affected device. The vulnerability is specifically noted to affect software versions 6.0.0 and later across various Cisco products.

Affected Version(s)

Cisco Firepower Detection Engine Cisco Firepower Detection Engine

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103930

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 19, 2018
Vulnerability Reserved
Nov 27, 2017