
Sig 5572.0 Severity different between platforms?

p.mckay
Level 1

Once again I am at a loss as to why in this release, S186, the signature 5572.0 has a difference in severities between versions.

Version 4x 5572.0 Severity High

Version 5x 5572.0 Severity Info


craiwill
Cisco Employee

In 4.x 5572-0 is the signature that detects the exploitation of the msdds.dll vulnerability. 5.x signature 5572-0 is a meta component of signatures 5572-1 and 5572-2 which use existing sigs in addition to 5572-0 to provide coverage for this vulnerability. By using existing signatures in addition to a simplified 5572-0 in 5.x we achieve the exact same coverage and use fewer sensor resources. You'll notice that the signatures that cover the vulnerability all have a severity rating of high.
