medium
5.3
CWE
693
Advisory Published
Updated

CVE-2018-0254

First published: Thu Apr 19 2018(Updated: )

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

Credit: ykramarz@cisco.com

Affected SoftwareAffected VersionHow to fix
Cisco Firepower Threat Defense (FTD)=6.1.0.5
Cisco Firepower Threat Defense (FTD)=6.2.0.2
Cisco Firepower Threat Defense (FTD)=6.2.1
Cisco Firepower Threat Defense (FTD)=6.2.2
Cisco AMP 7150 Firmware
Cisco AMP 8150
Cisco Firepower 7010
Cisco Firepower appliance
Cisco Firepower appliance
Cisco Firepower appliance
Cisco Firepower appliance 7110 firmware
Cisco Firepower 7115
Cisco Firepower 7120
Cisco Firepower appliance 7125
Cisco Firepower appliance
Cisco Firepower appliance 8130
Cisco Firepower appliance
Cisco Firepower appliance 8250
Cisco Firepower appliance 8260 firmware
Cisco Firepower Appliance 8270 Firmware
Cisco Firepower appliance 8290 firmware
Cisco Firepower appliance 8350 firmware
Cisco Firepower appliance 8360 firmware
Cisco Firepower appliance
Cisco Firepower appliance
Cisco Firepower Management Center 1000 firmware
Cisco Firepower Management Center 2000 firmware
Cisco Firepower Threat Defense (FTD) and Firepower Management Center (FMC) Software
Cisco Firepower Management Center 4000 firmware
Cisco Firepower Management Center 4500-K9
Cisco Firesight Management Center
Cisco Firepower Management Center
Cisco Firepower Management Center
Cisco NGIPSv for VMware

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the vulnerability ID for this Cisco Firepower System Software vulnerability?

    The vulnerability ID for this Cisco Firepower System Software vulnerability is CVE-2018-0254.

  • What is the severity level of CVE-2018-0254?

    The severity level of CVE-2018-0254 is medium with a severity value of 5.3.

  • How can an attacker exploit CVE-2018-0254?

    CVE-2018-0254 can be exploited by an unauthenticated, remote attacker to bypass file action policies if Intelligent Application Bypass (IAB) with a drop percentage threshold is configured.

  • Which versions of Cisco Firepower Threat Defense are affected by CVE-2018-0254?

    CVE-2018-0254 affects Cisco Firepower Threat Defense versions 6.1.0.5, 6.2.0.2, 6.2.1, and 6.2.2.

  • Where can I find more information about CVE-2018-0254?

    You can find more information about CVE-2018-0254 on the Cisco Security Advisory and SecurityFocus websites.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203