CVE-2018-15462: Allocation of Resources Without Limits or Throttling in Cisco Firepower Threat Defense Software

Severity
NVD: 7.5 HIGH
CNA: 8.6

EPSS: 0.4% (top 40.11%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: May 3
Latest update: May 24

Description

A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP tr

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | cisco/cisco_firepower_threat_defense_software | unspecified | 6.2.3.12 | +1
NVD | cisco/firepower_threat_defense | 6.3.0 | 6.3.0.3 | +1

Vulnerability Details (2)

GHSA (2022-05-24): GHSA-j9qq-8x6v-fqhq: A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD)
CVEList (2019-05-03): Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability

Vendor Advisories (1)

Cisco (2019-05-01): Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability