94 matches found
PT-2021-1726 · Cisco +1 · Snort +1
Name of the Vulnerable Software and Affected Versions: Multiple Cisco products affected versions not specified Description: The issue is related to a vulnerability in the TCP Fast Open TFO protocol when used with the Snort detection engine. This vulnerability could allow an unauthenticated, remot...
CVE-2020-3299
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
CVE-2020-3299
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
Design/Logic Flaw
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
UBUNTU-CVE-2020-3299
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
CVE-2020-3299 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
CVE-2020-3299
CVE-2020-3299 affects multiple Cisco products via the Snort detection engine, where incorrect handling of modified HTTP packets in chunked responses can bypass an HTTP File Policy. The attack would require sending crafted HTTP requests through an affected device to bypass policy and deliver a pay...
CVE-2020-3299 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
CVE-2020-3299
Removed by vendor...
Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this...
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...
CVE-2019-12697 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2019-12696 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...
CVE-2019-1970 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability
A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS protocol inspection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors...
CVE-2019-1970 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability
A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS protocol inspection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors...
Race condition
A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability exists because the affected software fails to releas...
Design/Logic Flaw
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...
CVE-2018-0383
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...