Loading HuntDB...

CVE-2018-0254

UNKNOWN
Published 2018-04-19T20:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-0254. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-h2c2-gxr2-8xp4

Advisory Details

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

Published: 2018-04-19T20:00:00
Last Modified: 2024-11-29T15:16:11.647Z
Copied to clipboard!