Resource exhaustion in Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC) - CVE-2018-0370
Published: July 13, 2018
Vulnerability identifier: #VU13857
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0370
CWE-ID: CWE-400
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC)
Cisco Secure Firewall Management Center (formerly Firepower Management Center, FMC)
Detailed vulnerability description
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the detection engine due to improper handling of traffic when the Secure Sockets Layer (SSL) inspection policy is enabled. A remote attacker can send malicious traffic through an affected device, increase the resource consumption of a single instance of the Snort detection engine on an affected device and cause performance degradation and eventually the restart of the affected Snort process.
How to mitigate CVE-2018-0370
Update to version 6.2.2.3, 6.2.3.