What is the severity of cisco-sa-20191002-firepwr-bypass?

The severity of cisco-sa-20191002-firepwr-bypass is critical due to the potential for an unauthenticated remote attacker to bypass security policies.

How do I fix cisco-sa-20191002-firepwr-bypass?

To fix cisco-sa-20191002-firepwr-bypass, upgrade to Cisco FTD Software version 6.2.3.15 or later.

What types of file vulnerabilities are affected by cisco-sa-20191002-firepwr-bypass?

cisco-sa-20191002-firepwr-bypass affects vulnerabilities in malware and file policies specifically for RTF and RAR file types.

Who is affected by cisco-sa-20191002-firepwr-bypass?

Users of Cisco FTD Software versions earlier than 6.1.0, 6.1.0, 6.2.0, 6.2.1, 6.2.2, or up to 6.2.3 are affected by cisco-sa-20191002-firepwr-bypass.

Can cisco-sa-20191002-firepwr-bypass allow data breaches?

Yes, cisco-sa-20191002-firepwr-bypass can potentially allow data breaches as it enables attackers to bypass security measures.

Vulnerability/
cisco-sa-20191002-firepwr-bypass

medium

5.8

CWE

693

2/10/2019

cisco-sa-20191002-firepwr-bypass: Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities

First published: Wed Oct 02 2019(Updated: )

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass

Credit: Yaser Mansour.

Affected Software	Affected Version	How to fix
Cisco FTD Software	>=Earlier than 6.1.0=6.1.0=6.2.0=6.2.1=6.2.2<=6.2.3<6.2.3.15	6.2.3.15

Never miss a vulnerability like this again

Reference Links

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass (Advisory)

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of cisco-sa-20191002-firepwr-bypass?
The severity of cisco-sa-20191002-firepwr-bypass is critical due to the potential for an unauthenticated remote attacker to bypass security policies.
How do I fix cisco-sa-20191002-firepwr-bypass?
To fix cisco-sa-20191002-firepwr-bypass, upgrade to Cisco FTD Software version 6.2.3.15 or later.
What types of file vulnerabilities are affected by cisco-sa-20191002-firepwr-bypass?
cisco-sa-20191002-firepwr-bypass affects vulnerabilities in malware and file policies specifically for RTF and RAR file types.
Who is affected by cisco-sa-20191002-firepwr-bypass?
Users of Cisco FTD Software versions earlier than 6.1.0, 6.1.0, 6.2.0, 6.2.1, 6.2.2, or up to 6.2.3 are affected by cisco-sa-20191002-firepwr-bypass.
Can cisco-sa-20191002-firepwr-bypass allow data breaches?
Yes, cisco-sa-20191002-firepwr-bypass can potentially allow data breaches as it enables attackers to bypass security measures.

agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/cisco-advisory
source/Cisco
agent/software-canonical-lookup
agent/weakness
agent/title
agent/severity
agent/references
agent/author
agent/description
agent/event
agent/tags
agent/source
vendor/cisco
canonical/cisco ftd software
version/cisco ftd software/earlier than 6.1.0
version/cisco ftd software/6.1.0
version/cisco ftd software/6.2.0
version/cisco ftd software/6.2.1
version/cisco ftd software/6.2.2
version/cisco ftd software/6.2.3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.