Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability
Vulnerability Description
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS packet header. An attacker could exploit this vulnerability by sending malicious TLS messages to the affected system. A successful exploit could allow the attacker to bypass the configured policies for the system, which could allow traffic to flow through without being inspected.
CVSS Information
N/A
Vulnerability Type
保护机制失效
Vulnerability Title
Cisco Firepower Threat Defense SSL/TLS协议解析器安全漏洞
Vulnerability Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD中的SSL/TLS协议解析器存在安全漏洞,该漏洞源于程序没有正确解析TLS数据包头中的属性。远程攻击者可通过发送恶意的TLS消息利用该漏洞绕过被配置的策略。
CVSS Information
N/A
Vulnerability Type
N/A