#VU6401 Denial of service in Cisco Firepower Management Center
Vulnerability identifier: #VU6401
Vulnerability risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-399
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco Firepower Management Center
Client/Desktop applications /
Antivirus software/Personal firewalls
Vendor: Cisco Systems, Inc
Description
The vulnerability alows a remote authenticated attacker to cause DoS condition on the target device.
The weakness exists due to improper SSL policy handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker can send a specially crafted packets through a targeted system and cause an affected system to stop inspecting and processing packets.
Successful exploitation of the vulnerability may result in denial of service.
Mitigation
Update to version 6.1.0.3.
Vulnerable software versions
Cisco Firepower Management Center: 6.0.0 - 6.1.0.2
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-ftd
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
