CVE-2018-0385

Description

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input handling of the SSL traffic. An attacker could exploit this vulnerability by sending a crafted SSL traffic to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Cisco Bug IDs: CSCvi36434.

Risk Information

Base Score

7.5

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

0.297

Associated Vulnerability

Vulnerability	OS Platform
Cisco Firepower System Software SSL Denial of Service Vulnerability For Cisco Firepower Management Center Virtual Appliance	NCM
Improper Input Validation Vulnerability (CVE-2018-0385)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1705938	Security Update for Cisco Firepower Management Center Virtual Appliance 6.1.0.1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234