Lucene search
K

94 matches found

Positive Technologies
Positive Technologies
added 2021/01/13 12:0 a.m.2 views

PT-2021-1726 · Cisco +1 · Snort +1

Name of the Vulnerable Software and Affected Versions: Multiple Cisco products affected versions not specified Description: The issue is related to a vulnerability in the TCP Fast Open TFO protocol when used with the Snort detection engine. This vulnerability could allow an unauthenticated, remot...

8.6CVSS5.6AI score0.02367EPSS
Exploits0References42
OSV
OSV
added 2020/10/21 7:15 p.m.2 views

CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.2AI score0.02279EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2020/10/21 7:15 p.m.21 views

CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.2AI score0.02279EPSS
Exploits0References2
Prion
Prion
added 2020/10/21 7:15 p.m.26 views

Design/Logic Flaw

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5CVSS5.9AI score0.02279EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2020/10/21 7:15 p.m.3 views

UBUNTU-CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.2AI score0.02279EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2020/10/21 6:25 p.m.13 views

CVE-2020-3299 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.8AI score0.02279EPSS
Exploits0References3
CVE
CVE
added 2020/10/21 6:25 p.m.103 views

CVE-2020-3299

CVE-2020-3299 affects multiple Cisco products via the Snort detection engine, where incorrect handling of modified HTTP packets in chunked responses can bypass an HTTP File Policy. The attack would require sending crafted HTTP requests through an affected device to bypass policy and deliver a pay...

5.8CVSS5.9AI score0.02279EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/10/21 6:25 p.m.31 views

CVE-2020-3299 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.8AI score0.02279EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2020/10/21 6:25 p.m.22 views

CVE-2020-3299

Removed by vendor...

5.8CVSS5.8AI score0.02279EPSS
Exploits0
Cisco
Cisco
added 2020/10/21 4:0 p.m.33 views

Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...

5.8CVSS6.7AI score0.02279EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.65 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...

5.8CVSS5.8AI score0.02156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.35 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this...

5.8CVSS5.8AI score0.02156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/04 12:0 a.m.36 views

Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)

According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...

5.8CVSS5.8AI score0.02156EPSS
Exploits0References4
Cvelist
Cvelist
added 2019/10/02 7:6 p.m.25 views

CVE-2019-12697 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...

5.8CVSS7.7AI score0.01455EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/02 7:6 p.m.18 views

CVE-2019-12696 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory...

5.8CVSS7.7AI score0.01455EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2019/08/08 7:35 a.m.9 views

CVE-2019-1970 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability

A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS protocol inspection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors...

5.8CVSS7.2AI score0.01493EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/08 7:35 a.m.28 views

CVE-2019-1970 Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability

A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS protocol inspection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors...

5.8CVSS7.5AI score0.01493EPSS
Exploits0References1
Prion
Prion
added 2018/10/05 2:29 p.m.21 views

Race condition

A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability exists because the affected software fails to releas...

7.1CVSS6.7AI score0.0112EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/07/16 5:29 p.m.18 views

Design/Logic Flaw

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...

5CVSS8.5AI score0.03026EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/07/16 5:29 p.m.4 views

CVE-2018-0383

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly...

8.6CVSS5.8AI score0.03026EPSS
Exploits0References3
Rows per page
Query Builder