Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue

An issue with a Cisco Vulnerability Database (VDB) release for Cisco Firepower Threat Defense (FTD) Software could cause the Snort detection engine to restart unexpectedly when inspecting traffic. While the Snort detection engine is restarting, traffic could bypass Snort inspection or be dropped, depending on the device configuration. For more information, see the Details section of this advisory.

The Snort 2 and Snort 3 detection engines are both affected. The Snort detection engine will restart automatically. No manual intervention is required.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication.

Security Impact Rating: Informational

Source:: Cisco Security Advisories