CVE-2018-0254

Опубликовано: 19 апр. 2018

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

Ссылки

http://www.securityfocus.com/bid/103940
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2
Vendor Advisory
http://www.securityfocus.com/bid/103940
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:cisco:amp_7150:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:amp_8150:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7010:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7020:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7030:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7050:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7110:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7115:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7120:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_7125:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8120:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8130:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8140:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8250:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8260:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8270:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8290:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8350:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8360:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8370:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_appliance_8390:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_management_center_1000:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_management_center_2000:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_management_center_2500:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_management_center_4000:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firepower_management_center_4500:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firesight_management_center_1500:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firesight_management_center_3500:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:firesight_management_center_750:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ngips_virtual_appliance:-:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00227

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-693

Связанные уязвимости

GHSA-h2c2-gxr2-8xp4