Security News > 2021 > March > Several Cisco Products Exposed to DoS Attacks Due to Snort Vulnerability
Cisco informed customers on Wednesday that several of its products are exposed to denial-of-service attacks due to a vulnerability in the Snort detection engine.
Cisco says the vulnerability is in the Ethernet Frame Decoder component of Snort.
These devices are affected if they are running a vulnerable version of Cisco UTD Snort IPS engine software for IOS XE or Cisco UTD Engine for IOS XE SD-WAN, and they are configured to pass Ethernet frames to Snort.
Cisco says the vulnerability is related to a Firepower Threat Defense issue patched in October 2020.
The vulnerability was found during the resolution of a support case and there is no evidence that it has been exploited in malicious attacks.
Cisco on Wednesday also published advisories for a dozen other vulnerabilities, which have been assigned a medium severity rating.
News URL
Related news
- Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack (source)
- Cisco fixes VPN DoS flaw discovered in password spray attacks (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- FortiManager critical vulnerability under active attack (source)
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks (source)
- New Cisco ASA and FTD features block VPN brute-force password attacks (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)