Lucene search
+L

47 matches found

CVE
CVE
added 2018/04/19 8:0 p.m.58 views

CVE-2018-0254

Cisco Firepower System Software’s detection engine is affected by CVE-2018-0254. The issue arises when Intelligent Application Bypass (IAB) with a drop percentage threshold is configured, causing incorrect counting of dropped traffic. An unauthenticated, remote attacker could exploit this to bypa...

5.3CVSS5.3AI score0.01229EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2018/04/19 8:0 p.m.9 views

CVE-2018-0243

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 SMB2 and SMB Version 3 SMB3 protocols if malware is detected. The...

6.9AI score0.01229EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2018/04/19 8:0 p.m.12 views

CVE-2018-0272

A vulnerability in the Secure Sockets Layer SSL Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper error handling while processing SSL traffic. An attacker could exploit this...

7AI score0.01337EPSS
Exploits0References2
Cisco
Cisco
added 2018/04/18 4:0 p.m.56 views

Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer SSL packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a...

8.6CVSS1.7AI score0.02483EPSS
Exploits0References1
NVD
NVD
added 2018/02/08 7:29 a.m.24 views

CVE-2018-0138

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...

5.3CVSS5.3AI score0.01185EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/02/08 7:0 a.m.26 views

CVE-2018-0138

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...

5.3AI score0.01185EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2018/02/08 7:0 a.m.8 views

CVE-2018-0138

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected softwa...

6.9AI score0.01185EPSS
Exploits0References2
Prion
Prion
added 2017/11/16 7:29 a.m.15 views

Arbitrary file deletion

A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...

5CVSS5.7AI score0.01604EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/11/16 7:29 a.m.25 views

CVE-2017-12300

A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...

5.8CVSS5.7AI score0.01604EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/16 7:0 a.m.22 views

CVE-2017-12300

A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 SMB2 protocol. The vulnerability is due to the incorrect detection of an SMB2 fil...

5.7AI score0.01604EPSS
Exploits0References2
Prion
Prion
added 2017/10/05 7:29 a.m.17 views

Input validation

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...

5CVSS8.4AI score0.0158EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/10/05 7:0 a.m.35 views

CVE-2017-12244

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service DoS condition because the Snort process restarts unexpectedly. The vulnerability is due...

8.6AI score0.0158EPSS
Exploits0References2
NVD
NVD
added 2017/04/20 10:59 p.m.20 views

CVE-2016-6368

A vulnerability in the detection engine parsing of Pragmatic General Multicast PGM protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the Snort process unexpectedly restarting. The vulnerability is...

8.6CVSS8.5AI score0.03013EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/04/20 10:0 p.m.29 views

CVE-2016-6368

A vulnerability in the detection engine parsing of Pragmatic General Multicast PGM protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition due to the Snort process unexpectedly restarting. The vulnerability is...

8.5AI score0.03013EPSS
Exploits0References3
CNVD
CNVD
added 2017/04/11 12:0 a.m.3 views

Cisco Firepower System Software Denial of Service Vulnerability (CNVD-2017-05516)

Cisco Firepower System Software is a next-generation firewall product from Cisco. A security vulnerability exists in Cisco Firepower System Software. A remote attacker could exploit the vulnerability to send a specially crafted HTTP request for a denial of service attack...

7.1CVSS6.8AI score0.01473EPSS
Exploits0References1
OSV
OSV
added 2017/04/07 5:59 p.m.3 views

CVE-2017-3885

A vulnerability in the detection engine reassembly of Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process consumes a high level of CPU resources. Affected Products...

5.9CVSS5.8AI score0.01473EPSS
Exploits0References2
NVD
NVD
added 2017/04/07 5:59 p.m.28 views

CVE-2017-3887

A vulnerability in the detection engine that handles Secure Sockets Layer SSL packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition because the Snort process unexpectedly restarts. This vulnerability affects Cisco...

5.9CVSS5.8AI score0.01266EPSS
Exploits0References2
CVE
CVE
added 2017/04/07 5:0 p.m.61 views

CVE-2017-3887

CVE-2017-3887 concerns Cisco Firepower System Software’s SSL packet handling in the detection engine when configured with an SSL Decrypt-Resign policy. An unauthenticated, remote attacker could trigger a DoS by causing the Snort process to restart, degrading or bypassing traffic inspection. Affec...

5.9CVSS5.7AI score0.01266EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/02/03 7:59 a.m.22 views

Information disclosure

A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content, aka a URL Bypass. More Information: CSCvb93980. Known Affected Releases: 5.3.0 5.4.0 6.0.0 6.0.1 6.1.0...

5CVSS5.7AI score0.01853EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/11/19 3:3 a.m.25 views

Design/Logic Flaw

A vulnerability in the FTP Representational State Transfer Application Programming Interface REST API for Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass FTP malware detection rules and download malware over an FTP connection. Cisco Firepower System...

5CVSS7.2AI score0.01553EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder