Multiple Cisco Products Snort SMB2 Detection Engine Policy Bypass and Denial of Service Vulnerabilities
|
System information
|
|
|
Affected software |
Cisco |
Description
|
Multiple vulnerabilities in the Server Message Block Version 2 (SMB2) processor of the Snort detection engine on multiple Cisco products could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. These vulnerabilities are due to improper management of system resources when the Snort detection engine is processing SMB2 traffic. An attacker could exploit these vulnerabilities by sending a high rate of
More info:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-smb-3nfhJtr?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Cisco%20Products%20Snort%20SMB2%20Detection%20Engine%20Policy%20Bypass%20and%20Denial%20of%20Service%20Vulnerabilities&vs_k=1 |
Standar resources
|
Property |
Value |
CVE |
CVE-2022-20922 and CVE-2022-20943. |