23 matches found
GHSA-2H44-X2WX-49F4 Potential HTTP policy bypass when using header rules in Cilium
Impact This issue only impacts users who: - Have a HTTP policy that applies to multiple toEndpoints AND - Have an allow-all rule in place that affects only one of those endpoints In such cases, a wildcard rule will be appended to the set of HTTP rules, which could cause bypass of HTTP policies...
CVE-2021-1495
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...
PT-2020-4710 · Cisco +1 · Cisco Ftd +5
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD versions affected versions not specified Cisco SD-WAN versions affected versions not specified Cisco IOS XE versions affected versions not specified Cisco Meraki versions affected versions not specified...