漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability
漏洞信息
A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped.
漏洞信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
漏洞
访问控制不恰当
漏洞
Cisco Firepower Threat Defense 授权问题漏洞
漏洞信息
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower Threat Defense (FTD) 存在安全漏洞,该漏洞的存在是因为当到达初始连接限制时调用TCP拦截,这可能导致底层检测引擎不正确地处理数据包。攻击者可利用该漏洞可以通过发送与配置了TCP拦截的策略相匹配的精心设计的流量流来利用这个漏洞。
漏洞信息
N/A
漏洞
N/A