A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
24 Jan 2023, 15:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.0:*:*:*:*:*:*:* |
13 May 2022, 02:24
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-770 | |
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort-dos-hd2hFgM - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.1
v3 : 7.5 |
First Time |
Cisco firepower Threat Defense
Cisco firepower 1010 Cisco firepower 1140 Cisco firepower 1020 Cisco firepower 4150 Cisco firepower 2130 Cisco firepower 4145 Cisco firepower 4125 Cisco firepower 4140 Cisco firepower 2140 Cisco firepower 4115 Cisco firepower 2120 Cisco firepower 4100 Cisco firepower 2100 Cisco firepower 1030 Cisco firepower 4110 Cisco firepower 1150 Cisco firepower 4112 Cisco firepower 4120 Cisco firepower 1120 Cisco firepower 2110 Cisco firepower 1000 Cisco Cisco firepower 1040 |
|
CPE | cpe:2.3:h:cisco:firepower_4100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1040:-:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1000:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_2100:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1030:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:firepower_1020:-:*:*:*:*:*:*:* |
03 May 2022, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-03 04:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-20751
Mitre link : CVE-2022-20751
CVE.ORG link : CVE-2022-20751
JSON object : View
Products Affected
cisco
- firepower_1030
- firepower_1000
- firepower_threat_defense
- firepower_4100
- firepower_4120
- firepower_1010
- firepower_2100
- firepower_4112
- firepower_1040
- firepower_4115
- firepower_1120
- firepower_2120
- firepower_1150
- firepower_1020
- firepower_2140
- firepower_4140
- firepower_2110
- firepower_1140
- firepower_4110
- firepower_4125
- firepower_2130
- firepower_4150
- firepower_4145
CWE
CWE-770
Allocation of Resources Without Limits or Throttling