N/A

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly handles TCP packets that are received out of order when a TCP SYN retransmission is issued. An attacker could exploit this vulnerability by sending a maliciously crafted connection through an affected device. A successful exploit could allow the attacker to bypass a URL-based access control policy that is configured to block traffic for the affected system. Cisco Bug IDs: CSCvh84511.

N/A

保护机制失效

Cisco FireSIGHT System Software检测引擎安全漏洞

Cisco FireSIGHT System Software是美国思科（Cisco）公司的一套管理中心软件，它支持集中管理采用FirePOWER Services的Cisco ASA和思科FirePOWER网络安全设备的网络安全和运行功能的软件。 Cisco FireSIGHT System Software中的检测引擎存在安全漏洞，该漏洞源于该软件没有正确的处理未按照顺序接收的TCP数据包。远程攻击者可通过发送恶意制作的连接利用该漏洞绕过用于拦截流量的基于URL的访问控制策略。

N/A

N/A