A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2020-10-21T18:36:43.291735Z
Updated: 2024-09-17T00:30:26.563Z
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3317
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-10-21T19:15:15.717
Modified: 2021-09-22T19:57:52.363
Link: CVE-2020-3317
Redhat
No data.