QID 316999
Date Published: 2021-07-22
QID 316999: Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC)
A vulnerability in the software cryptography module of Cisco Firepower Threat Defense (FTD) Software
could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected
reload of the device that results in a denial of service (DoS) condition.
Affected Products
The following Cisco products are affected if they are running Cisco FTD Software releases from 7.0.0 and prior to 7.0.0.1 Build 15 and are configured
to support IPsec connections to the device:
Firepower 2100 Series
Firepower NGFW Virtual
Note: These devices are not vulnerable if Federal Information Processing Standards Publication (FIPS) mode is enabled.
This QID is reported as a potential detection because the check cannot confirm whether FIPS mode is enabled.
QID Detection Logic (Authenticated):
The QID checks for a vulnerable version of Cisco FTD in the response to the "version" command.
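The range check described above, written out as an added example (not the scanner's own code), including the build-number boundary at 7.0.0.1 Build 15 and the FIPS caveat that makes the finding "potential". The `Version x.y.z (Build n)` layout, the sample string, the function names and the `ipsec_configured` / `fips_enabled` inputs are assumptions, and the device model is assumed to have been matched against the affected products separately.

```python
import re
from typing import Optional

FIRST_AFFECTED = (7, 0, 0, 0)   # 7.0.0
FIXED = ((7, 0, 0, 1), 15)      # 7.0.0.1 Build 15 (first fixed build)

# Assumed layout of the version string; adjust to what your devices return.
VERSION_RE = re.compile(r"Version\s+(\d+(?:\.\d+){1,3})\s+\(Build\s+(\d+)\)")

# Constructed sample, not captured from a real device.
SAMPLE = "Version 7.0.0 (Build 94)"


def parse_version(text: str):
    """Return ((major, minor, maint, patch), build), or None if absent."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (4 - len(parts))   # pad 7.0.0 to (7, 0, 0, 0)
    return tuple(parts), int(m.group(2))


def in_affected_range(text: str) -> bool:
    """True for 7.0.0 <= release/build < 7.0.0.1 Build 15."""
    parsed = parse_version(text)
    if parsed is None:
        return False
    release, _build = parsed
    # Tuple comparison orders by release first, then by build number.
    return FIRST_AFFECTED <= release and parsed < FIXED


def classify(text: str, ipsec_configured: bool,
             fips_enabled: Optional[bool]) -> str:
    """fips_enabled=None means FIPS mode could not be determined."""
    if parse_version(text) is None:
        return "unknown"
    if not in_affected_range(text) or not ipsec_configured:
        return "not_affected"
    if fips_enabled is True:
        return "not_affected"         # FIPS mode removes the exposure
    return "potential" if fips_enabled is None else "affected"
```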
A successful exploit could cause the device to crash, forcing it to reload.
Successful exploitation of this vulnerability would not cause a compromise of any encrypted data.
Customers are advised to refer to cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC for more information.
- cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC - tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC
CVEs related to QID 316999
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC | | | |