Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Firepower Threat Defense Software File Policy Bypass Vulnerability
Vulnerability Description
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.
CVSS Information
N/A
Vulnerability Type
保护机制失效
Vulnerability Title
Cisco Firepower Threat Defense 安全漏洞
Vulnerability Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD 6.4.0之前版本中的Secure Sockets Layer(SSL)/Transport Layer Security (TLS)协议检查引擎存在安全漏洞。远程攻击者可借助特制的HTTP数据包利用该漏洞绕过配置文件策略。
CVSS Information
N/A
Vulnerability Type
N/A