Remote Code Execution Vulnerability in Cisco Firepower System Software
CVE-2017-12300

5.8MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Firepower System Software
Vendor: CVE Published:; 16 November 2017

Summary

A vulnerability exists in the SNORT detection engine of Cisco Firepower System Software, which may allow an unauthenticated remote attacker to bypass configured file policies that block the Server Message Block Version 2 (SMB2) protocol. This issue arises from improper detection of SMB2 files when the detection is reliant on the file length. Exploiting this vulnerability enables attackers to send a specially crafted SMB2 transfer request to the affected device, potentially resulting in the bypass of established traffic filtering mechanisms designed to thwart SMB2 traffic.

Affected Version(s)

Cisco Firepower System Software Cisco Firepower System Software

References

http://www.securityfocus.com/bid/101862

vdb-entryx_refsource_BID

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Nov 16, 2017
Vulnerability Reserved
Aug 3, 2017