Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability
Summary
A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper implementation of the TLS protocol. An attacker could exploit this vulnerability by sending a crafted TLS packet to an affected system. A successful exploit could allow the attacker to cause a device that is running Cisco Secure FTD Software to drop network…
- Scope: At the time of publication, this vulnerability affected Cisco products if they were running a vulnerable release of Cisco Secure FTD Software or Cisco FirePOWER Services and the following conditions were met:
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- As a workaround for this vulnerability, configure the device so that traffic from a specific TLS version is not blocked. To implement the workaround, complete the following steps:
- Log in to the Cisco Secure FMC Software web-based management interface.
- From the Policies menu, choose Access Control > SSL or Access Control > Decryption.
- Choose the appropriate SSL or decryption policy.
- Click the Edit pencil icon.
- Choose the appropriate rule.
- Click the Edit pencil icon.
- Click the Version tab.
- Ensure that all version check boxes are checked.
- Click Save to deploy the changes.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.