Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2021-10-27T00:00:00
Updated: 2021-10-27T18:56:42
Reserved: 2021-08-25T00:00:00
Link: CVE-2021-40116
JSON object: View
NVD Information
Status : Modified
Published: 2021-10-27T19:15:08.717
Modified: 2023-11-07T03:38:28.713
Link: CVE-2021-40116
JSON object: View
Redhat Information
No data.