At the time of publication, this vulnerability affected all open source Snort project releases earlier than Release 2.9.14. For more information, see the Snort website.
At the time of publication, this vulnerability affected the following Cisco products if they were running a vulnerable release of Cisco software:
- 3000 Series Industrial Security Appliances (ISAs)
- Firepower Threat Defense (FTD) Software
At the time of publication, this vulnerability affected the following Cisco products if they were running a release earlier than the first fixed release of Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software or Cisco UTD Engine for Cisco IOS XE SD-WAN Software. Note: UTD is not installed on these devices by default. If the UTD file is not installed, the device is not vulnerable.
- 1000 Series Integrated Services Routers (ISRs)
- 4000 Series Integrated Services Routers (ISRs)
- Cloud Services Router 1000V
- Integrated Services Virtual Router (ISRv)
For information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.
Determine Whether UTD is Enabled
To determine whether UTD is enabled on a device, issue the show utd engine standard status command and check for a Yes under Running. If there is no output, the device is not affected. The following output example shows a device that has UTD enabled:
Router# show utd engine standard status
Engine version : 1.0.19_SV22.214.171.124_XE17.3
Profile : Cloud-Low
System memory :
Usage : 6.00 %
Status : Green
Number of engines : 1
Engine Running Health Reason
Engine(#1): Yes Green None
Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed that this vulnerability does not affect the following Cisco products:
- Adaptive Security Appliance (ASA) Software
- Firepower Management Center (FMC) Software
- Meraki Security Appliances