Symptom
A vulnerability in the Third Party Software (TPS) package MySQL for Cisco Firepower Management Center could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to what is known as the Unix Millennium Bug, which is triggered when the date is set past January 19th, 2038. The MySQL TPS package will hang or restart if this special date is detected. An attacker could exploit this vulnerability by first performing a man-in-the-middle attack to position themselves as a rogue Network Time Protocol (NTP) server within the network. An exploit could allow the attacker to cause the device to go offline, causing a denial of service condition. The MySQL TPS package does not have a fix at this time, but the code has been modified to not allow the known bad date setting from NTP or manual configuration.
Conditions
The device synchronizes its clock from an NTP server that delivers a time after 19 Jan 2038.
Workaround
Find and correct the NTP server which is advertising the incorrect time.
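One way to find the offending server from captured NTP replies is sketched below; this is an added example, not Cisco code. It assumes the standard 48-byte NTP header with the transmit timestamp at offset 40 and takes the signed 32-bit time limit (2038-01-19 03:14:07 UTC) as the threshold; the function names, server addresses, reference time and sample packets are constructed for illustration.

```python
import struct
from datetime import datetime, timezone

NTP_UNIX_DELTA = 2_208_988_800  # seconds from 1900-01-01 (NTP epoch) to 1970-01-01
ERA = 2 ** 32                   # the NTP seconds field is 32 bits and wraps in 2036
Y2038_LIMIT = 2 ** 31 - 1       # assumed threshold: 2038-01-19 03:14:07 UTC


def transmit_unix(packet: bytes, reference_unix: int) -> int:
    """Server transmit time as Unix seconds, in the NTP era nearest the reference."""
    if len(packet) < 48:
        raise ValueError("an NTP header is 48 bytes")
    if packet[0] & 0x07 != 4:
        raise ValueError("not a server reply (mode 4)")
    (seconds,) = struct.unpack("!I", packet[40:44])  # transmit timestamp, seconds
    era0 = seconds - NTP_UNIX_DELTA
    # A post-2036 time wraps to a small field value, so pick the era by proximity.
    k = (reference_unix - era0 + ERA // 2) // ERA
    return era0 + k * ERA


def find_y2038_servers(replies: dict, reference_unix: int) -> list:
    """Return (server, advertised UTC time) for replies past the 32-bit limit."""
    flagged = []
    for server, packet in replies.items():
        t = transmit_unix(packet, reference_unix)
        if t > Y2038_LIMIT:
            stamp = datetime.fromtimestamp(t, tz=timezone.utc).isoformat()
            flagged.append((server, stamp))
    return flagged


def build_reply(unix_seconds: int) -> bytes:
    """Construct a minimal mode-4 reply carrying the given time (sample data only)."""
    header = bytes([0x24]) + bytes(39)  # LI=0, VN=4, Mode=4; other fields zeroed
    return header + struct.pack("!II", (unix_seconds + NTP_UNIX_DELTA) % ERA, 0)


# Constructed sample: reference clock and server addresses are placeholders.
REFERENCE_UNIX = 1_700_000_000  # 2023-11-14, taken from a trusted local clock
SAMPLE_REPLIES = {
    "192.0.2.10": build_reply(1_700_000_100),  # sane server
    "192.0.2.20": build_reply(2_208_988_800),  # advertises 2040-01-01
}

if __name__ == "__main__":
    for server, stamp in find_y2038_servers(SAMPLE_REPLIES, REFERENCE_UNIX):
        print(f"{server} advertises {stamp}: past the 2038 limit")
```

The era step matters because a time after February 2036 wraps the 32-bit seconds field, so a reader that treats the field as a plain offset from 1900 would see the bad server as advertising a date in the early 1900s and miss it.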
Further Problem Description
None
PSIRT Evaluation
The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 6.8:
https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
No CVE ID has been assigned to this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html