CVE-2018-0384

Name of the Vulnerable Software and Affected Versions Cisco FireSIGHT System Software (affected versions not specified)

Description A vulnerability in the detection engine could allow an unauthenticated, remote attacker to bypass a URL-based access control policy. The issue arises from the software's incorrect handling of TCP packets received out of order when a TCP SYN retransmission is issued. An attacker could exploit this by sending a maliciously crafted connection through an affected device, potentially bypassing the access control policy.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.