PT-2018-8638 · Cisco · Cisco Firepower System
Publicado
2018-02-08
·
Atualizado
2019-10-09
·
CVE-2018-0138
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Cisco Firepower System Software (affected versions not specified)
Description:
A vulnerability in the detection engine could allow an unauthenticated, remote attacker to bypass file policies configured to block files transmitted via the BitTorrent protocol. The issue exists because the software does not correctly detect BitTorrent handshake messages. An attacker could exploit this by sending a crafted BitTorrent connection request. A successful exploit could allow the attacker to bypass file policies for files transmitted via the BitTorrent protocol.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Protection Mechanism Failure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Firepower System