CVE-2018-0272

A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this vulnerability by sending a large volume of crafted SSL traffic to the vulnerable device. A successful exploit could allow the attacker to degrade the device performance by triggering a persistent high CPU utilization condition. Cisco Bug IDs: CSCvh89340.

Published : 2018-04-19 20:29 Updated : 2019-10-09 23:31

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Cisco Firepower 6.2.1 cpe:/a:cisco:firepower:6.2.1
Cisco Firepower 6.2.2.1 cpe:/a:cisco:firepower:6.2.2.1
  1. Cisco (1) Search CVE
    1. Firepower (2) Search CVE
      1. 6.2.1
      2. 6.2.2.1

CWE

ID Name Description Links
CWE-755 Improper Handling of Exceptional Conditions The software does not handle or incorrectly handles an exceptional condition. CVE

History of changes

Date Event
2019-10-03 00:03
2018-05-22 14:02
2018-04-21 01:29
2018-04-19 20:29

New CVE