Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Snort++ Protocol Decoder Denial of Service Vulnerabilities

cisco-sa-20170515-snort · Medium · Published · Updated

Two vulnerabilities in the protocol decoders of Snort++ (Snort 3) could allow an unauthenticated, remote attacker to create a Denial of Service (DoS) condition. The vulnerabilities are due to lack of validation in the protocol decoders. An attacker could exploit these vulnerabilities by crafting a malicious packet and sending it through the targeted device. A successful exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170515-snort

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEsCVE-2017-6657, CVE-2017-6658
Cisco Bug IDsNA
CVSS ScoreBase 8.6
Base 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco Snort++

Related Products

Product CVE Evidence
Cisco Snort++ CVE-2017-6658 Cisco OpenVuln
Cisco Snort++ CVE-2017-6657 Cisco OpenVuln