Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

N/A

Cisco Firepower Threat Defense 安全特征问题漏洞

Cisco Firepower Threat Defense（FTD）是美国思科（Cisco）公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower Threat Defense (FTD 存在安全特征问题漏洞，该漏洞源于对特定HTTP标头参数的不正确处理导致的。远程攻击者可以发送特制的HTTP数据包，以绕过针对HTTP数据包配置的文件策略，并传递恶意负载。以下产品及版本受到影响：Cisco Firepower Threat Defense (FTD): 6.2.2, 6.2.3, 6

N/A

N/A