cisco firepower_threat_defense 不加限制或调节的资源分配

CVE编号

CVE-2022-20751

利用情况

暂无

补丁情况

N/A

披露时间

2022-05-03
漏洞描述
A vulnerability in the Snort detection engine integration for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause unlimited memory consumption, which could lead to a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient memory management for certain Snort events. An attacker could exploit this vulnerability by sending a series of crafted IP packets that would generate specific Snort events on an affected device. A sustained attack could cause an out of memory condition on the affected device. A successful exploit could allow the attacker to interrupt all traffic flowing through the affected device. In some circumstances, the attacker may be able to cause the device to reload, resulting in a DoS condition.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
应用 cisco firepower_threat_defense * Up to
(excluding)
6.4.0.15
运行在以下环境
应用 cisco firepower_threat_defense * From
(including)
6.5.0
Up to
(excluding)
6.6.5.2
运行在以下环境
应用 cisco firepower_threat_defense * From
(including)
7.0.0
Up to
(excluding)
7.0.2
运行在以下环境
应用 cisco firepower_threat_defense 7.1.0 -
运行在以下环境
硬件 cisco firepower_1000 - -
运行在以下环境
硬件 cisco firepower_1010 - -
运行在以下环境
硬件 cisco firepower_1020 - -
运行在以下环境
硬件 cisco firepower_1030 - -
运行在以下环境
硬件 cisco firepower_1040 - -
运行在以下环境
硬件 cisco firepower_1120 - -
运行在以下环境
硬件 cisco firepower_1140 - -
运行在以下环境
硬件 cisco firepower_1150 - -
运行在以下环境
硬件 cisco firepower_2100 - -
运行在以下环境
硬件 cisco firepower_2110 - -
运行在以下环境
硬件 cisco firepower_2120 - -
运行在以下环境
硬件 cisco firepower_2130 - -
运行在以下环境
硬件 cisco firepower_2140 - -
运行在以下环境
硬件 cisco firepower_4100 - -
运行在以下环境
硬件 cisco firepower_4110 - -
运行在以下环境
硬件 cisco firepower_4112 - -
运行在以下环境
硬件 cisco firepower_4115 - -
运行在以下环境
硬件 cisco firepower_4120 - -
运行在以下环境
硬件 cisco firepower_4125 - -
运行在以下环境
硬件 cisco firepower_4140 - -
运行在以下环境
硬件 cisco firepower_4145 - -
运行在以下环境
硬件 cisco firepower_4150 - -
CVSS3评分
7.5
  • 攻击路径
    网络
  • 攻击复杂度
  • 权限要求
  • 影响范围
    未更改
  • 用户交互
  • 可用性
  • 保密性
  • 完整性
CWE-ID 漏洞类型
CWE-770 不加限制或调节的资源分配
阿里云安全产品覆盖情况