CVE-2018-0297

MEDIUM Year: 2018
CVSS v3 Score
5.8
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-693
View all →

Vulnerability Description

A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316.

Related Vulnerabilities

CVE-2018-0243

MEDIUM
CVSS:5.8(Medium)

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server...

CWE-6932018

CVE-2018-0244

MEDIUM
CVSS:5.8(Medium)

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (S...

CWE-6932018

CVE-2018-0333

MEDIUM
CVSS:5.8(Medium)

A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic ...

CWE-6932018

CVE-2018-0384

MEDIUM
CVSS:5.8(Medium)

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traff...

CWE-6932018

CVE-2019-12696

MEDIUM
CVSS:5.8(Medium)

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file typ...

CWE-6932019

CVE-2019-12697

MEDIUM
CVSS:5.8(Medium)

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file typ...

CWE-6932019