漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability
漏洞信息
A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped.
漏洞信息
N/A
漏洞
保护机制失效
漏洞
Cisco Firepower Threat Defense 安全漏洞
漏洞信息
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD Software 6.4.0版本至6.4.0.8版本(release)中的TLS 1.3版本策略(配置有URL category)存在安全漏洞。远程攻击者可通过发送特制的TLS 1.3连接请求利用该漏洞绕过TLS 1.3版本策略,访问受影响设备之外的URL。
漏洞信息
N/A
漏洞
N/A