medium
5.3
CWE
693
Advisory Published
Updated

CVE-2018-0254

First published: Thu Apr 19 2018(Updated: )

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Firepower Threat Defense=6.1.0.5
Cisco Firepower Threat Defense=6.2.0.2
Cisco Firepower Threat Defense=6.2.1
Cisco Firepower Threat Defense=6.2.2
Cisco Amp 7150
Cisco Amp 8150
Cisco Firepower Appliance 7010
Cisco Firepower Appliance 7020
Cisco Firepower Appliance 7030
Cisco Firepower Appliance 7050
Cisco Firepower Appliance 7110
Cisco Firepower Appliance 7115
Cisco Firepower Appliance 7120
Cisco Firepower Appliance 7125
Cisco Firepower Appliance 8120
Cisco Firepower Appliance 8130
Cisco Firepower Appliance 8140
Cisco Firepower Appliance 8250
Cisco Firepower Appliance 8260
Cisco Firepower Appliance 8270
Cisco Firepower Appliance 8290
Cisco Firepower Appliance 8350
Cisco Firepower Appliance 8360
Cisco Firepower Appliance 8370
Cisco Firepower Appliance 8390
Cisco Firepower Management Center 1000
Cisco Firepower Management Center 2000
Cisco Firepower Management Center 2500
Cisco Firepower Management Center 4000
Cisco Firepower Management Center 4500
Cisco Firesight Management Center 1500
Cisco Firesight Management Center 3500
Cisco Firesight Management Center 750
Cisco Ngips Virtual Appliance

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID for this Cisco Firepower System Software vulnerability?

    The vulnerability ID for this Cisco Firepower System Software vulnerability is CVE-2018-0254.

  • What is the severity level of CVE-2018-0254?

    The severity level of CVE-2018-0254 is medium with a severity value of 5.3.

  • How can an attacker exploit CVE-2018-0254?

    CVE-2018-0254 can be exploited by an unauthenticated, remote attacker to bypass file action policies if Intelligent Application Bypass (IAB) with a drop percentage threshold is configured.

  • Which versions of Cisco Firepower Threat Defense are affected by CVE-2018-0254?

    CVE-2018-0254 affects Cisco Firepower Threat Defense versions 6.1.0.5, 6.2.0.2, 6.2.1, and 6.2.2.

  • Where can I find more information about CVE-2018-0254?

    You can find more information about CVE-2018-0254 on the Cisco Security Advisory and SecurityFocus websites.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203