Security News > 2021 > March > Several Cisco Products Exposed to DoS Attacks Due to Snort Vulnerability
Cisco informed customers on Wednesday that several of its products are exposed to denial-of-service attacks due to a vulnerability in the Snort detection engine.
Cisco says the vulnerability is in the Ethernet Frame Decoder component of Snort.
These devices are affected if they are running a vulnerable version of Cisco UTD Snort IPS engine software for IOS XE or Cisco UTD Engine for IOS XE SD-WAN, and they are configured to pass Ethernet frames to Snort.
Cisco says the vulnerability is related to a Firepower Threat Defense issue patched in October 2020.
The vulnerability was found during the resolution of a support case and there is no evidence that it has been exploited in malicious attacks.
Cisco on Wednesday also published advisories for a dozen other vulnerabilities, which have been assigned a medium severity rating.
News URL
Related news
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Versa fixes Director zero-day vulnerability exploited in attacks (source)
- Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus (source)
- Cisco fixes root escalation vulnerability with public exploit code (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Cisco merch shoppers stung in Magecart attack (source)
- Windows vulnerability abused braille “spaces” in zero-day attacks (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)