CVE-2018-0297
First published: Thu May 17 2018(Updated: )
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Firepower Threat Defense | =6.0.0 | |
| Cisco Firepower Threat Defense | =6.1.0 | |
| Cisco Firepower Threat Defense | =6.2.0 | |
| Cisco Firepower Threat Defense | =6.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco firepower threat defense
- version/cisco firepower threat defense/6.0.0
- version/cisco firepower threat defense/6.1.0
- version/cisco firepower threat defense/6.2.0
- version/cisco firepower threat defense/6.2.2