CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
30.5%
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | firepower_threat_defense | * | cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* |
snort | snort | 2.0 | cpe:2.3:a:snort:snort:2.0:-:*:*:*:*:*:* |
snort | snort | * | cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:* |
cisco | cyber_vision | * | cpe:2.3:a:cisco:cyber_vision:*:*:*:*:*:*:*:* |
cisco | unified_threat_defense | * | cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:* |
cisco | meraki_mx_security_appliance_firmware | - | cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:-:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
30.5%