—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability

Advisory ID: cisco-sa-20180418-fpsnort

Revision: 1.0

For Public Release: 2018 April 18 16:00 GMT

Last Updated: 2018 April 18 16:00 GMT

CVE ID(s): CVE-2018-0233

CVSS Score v(3): 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

+———————————————————————

Summary

=======

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition.

The vulnerability is due to the affected software improperly handling changes to SSL connection states. An attacker could exploit this vulnerability by sending crafted SSL connections through an affected device. A successful exploit could allow the attacker to cause the detection engine to consume excessive system memory on the affected device, which could cause a DoS condition. The device may need to be reloaded manually to recover from this condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fpsnort [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fpsnort”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJa127tXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczRCQP/il9Zr20HRORU5as2cntR11GeWGd
rfOv5hhQ/n5TDuQJmqILR9/PVgUsvp6Oi0FVI/WN+idnnAsMExSH/mukhVYzwpRs
mjSu7u38US+tciJHtmAvLHaNn4WsktTxCdWgDCE0RbT+oKDQaZORKmfPKpOTH0Cj
UFao4PlFOW5nk1Iu+NN9HFxEp/GW0OwwX7G1xLePZxANu5NsYbSk2Uhpk8+Ut+wI
RKpxaZD0+SGsw5mt3nsnalDQRZHWzfeae40VIpTl45O6gIdQjwa7QA1meoOiy8CE
3zaHxWZisWgQ7I/RpuSParvYrpHwFoAQeXYHNNzFPFfyJP0dCrESQEZBUaZnYPtj
L1yhoAiYz/WgQT0LkoDVcmy1TxF+yspli/FARsWvPpIx7U30QvWnPJ4YKipw4iVt
cnfzePPXsNw/lpSXJkFRtCP8cJ4P/H6Y4lo7DnAv8d8EtLoD7to+JWEDZsov8dD9
4ApqiO7A+kt7xtUG0XZvIieO1RrBlsU1wmVYMCzcERGhAhVPZoxR5Te7aR44+XSr
Neekrrz4xxJDRaXPrDSurY0jY6v/qxgXRspkmLDQcH+ZtwdCpYF5OZsxGSoBDejo
Stmf//sUoSX4o+CBUqc9NtFEpt48WpR/BcIEquhOscpkx7+rskRquHWTtM5ZRGbJ
aco8OG7iEhTeh/UU
=ht1D
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com