QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-0272

Back to search

CVE-2018-0272

Published: Apr 19, 2018

Modified: Nov 29, 2024

PUBLISHED

Description

A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this vulnerability by sending a large volume of crafted SSL traffic to the vulnerable device. A successful exploit could allow the attacker to degrade the device performance by triggering a persistent high CPU utilization condition. Cisco Bug IDs: CSCvh89340.

VendorProductVersions

n/a

Cisco Firepower Threat Defense

affected
Cisco Firepower Threat Defense

Weaknesses (CWE)

CWE-399

References

103925
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now