Lucene search
CiscoCVELIST:CVE-2018-0297HistoryMay 17, 2018 - 3:00 a.m.
CVE-2018-0297
2018-05-1703:00:00
CWE-693
cisco
www.cve.org
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316.
CNA Affected
[
{
"product": "Cisco Firepower Threat Defense Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Firepower Threat Defense Software"
}
]
}
]Related
cve
cve
CVE-2018-0297
2018-05-17 03:29:00
prion
prion
Design/Logic Flaw
2018-05-17 03:29:00
nvd
nvd
CVE-2018-0297
2018-05-17 03:29:00
cisco
cisco
Cisco Firepower Threat Defense Software Policy Bypass Vulnerability
2018-05-16 16:00:00