47 matches found
CVE-2018-0254
Cisco Firepower System Software’s detection engine is affected by CVE-2018-0254. The issue arises when Intelligent Application Bypass (IAB) with a drop percentage threshold is configured, causing incorrect counting of dropped traffic. An unauthenticated, remote attacker could exploit this to bypa...
CVE-2018-0243
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 SMB2 and SMB Version 3 SMB3 protocols if malware is detected. The...
CVE-2018-0272
A vulnerability in the Secure Sockets Layer SSL Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this...
Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability
A vulnerability in the Secure Sockets Layer SSL packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...
CVE-2018-0138
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...
CVE-2018-0138
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...
CVE-2018-0138
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...
Arbitrary file deletion
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
CVE-2017-12300
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
CVE-2017-12300
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...
Input validation
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...
CVE-2017-12244
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...
CVE-2016-6368
A vulnerability in the detection engine parsing of Pragmatic General Multicast PGM protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the Snort process unexpectedly restarting. The vulnerability is...
CVE-2016-6368
A vulnerability in the detection engine parsing of Pragmatic General Multicast PGM protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the Snort process unexpectedly restarting. The vulnerability is...
Cisco Firepower System Software Denial of Service Vulnerability (CNVD-2017-05516)
Cisco Firepower System Software is a next-generation firewall product from Cisco. A security vulnerability exists in Cisco Firepower System Software. A remote attacker could exploit the vulnerability to send a specially crafted HTTP request for a denial of service attack...
CVE-2017-3885
A vulnerability in the detection engine reassembly of Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process consumes a high level of CPU resources. Affected Products...
CVE-2017-3887
A vulnerability in the detection engine that handles Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco...
CVE-2017-3887
CVE-2017-3887 concerns Cisco Firepower System Software’s SSL packet handling in the detection engine when configured with an SSL Decrypt-Resign policy. An unauthenticated, remote attacker could trigger a DoS by causing the Snort process to restart, degrading or bypassing traffic inspection. Affec...
Information disclosure
A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More Information: CSCvb93980. Known Affected Releases: 5.3.0 5.4.0 6.0.0 6.0.1 6.1.0...
Design/Logic Flaw
A vulnerability in the FTP Representational State Transfer Application Programming Interface REST API for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System...