Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Unified Threat Defense
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20071 2 Cisco, Snort 5 Cyber Vision, Firepower Threat Defense, Meraki Mx Security Appliance Firmware and 2 more 2024-02-28 N/A 5.8 MEDIUM
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.
CVE-2021-40114 2 Cisco, Snort 4 Firepower Management Center, Firepower Threat Defense, Unified Threat Defense and 1 more 2024-02-28 7.8 HIGH 7.5 HIGH
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.