Design/Logic Flaw

2023-11-0118:15:00

PRIOn knowledge base

www.prio-n.com

cisco

snort

ftp

vulnerability

policy bypass

remote attacker

crafted traffic

malicious payload

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%

JSON

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

CPENameOperatorVersion
cyber_visionlt4.1.3
firepower_threat_defenselt6.4.0.17
firepower_threat_defensege6.5.0
firepower_threat_defenselt7.0.6
firepower_threat_defensege7.1.0
firepower_threat_defenselt7.2.4
firepower_threat_defensege7.3.0
firepower_threat_defenselt7.3.1.2
firepower_threat_defensege6.7.0
firepower_threat_defenselt7.0.5

Name	Operator	Version
cyber_vision	lt	4.1.3
firepower_threat_defense	lt	6.4.0.17
firepower_threat_defense	ge	6.5.0
firepower_threat_defense	lt	7.0.6
firepower_threat_defense	ge	7.1.0
firepower_threat_defense	lt	7.2.4
firepower_threat_defense	ge	7.3.0
firepower_threat_defense	lt	7.3.1.2
firepower_threat_defense	ge	6.7.0
firepower_threat_defense	lt	7.0.5