CVE-2018-15398

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the per-user-override feature could allow an unauthenticated, remote attacker to bypass an access control list (ACL) configured for an interface of an affected device. The issue is due to errors that occur when the software constructs and applies per-user-override rules. An attacker could exploit this by connecting to a network through an affected device with a vulnerable configuration, potentially accessing protected resources behind the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.