File Policy Bypass in Cisco Firepower System Software
CVE-2018-0138

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Firepower System Software
Vendor: CVE Published:; 8 February 2018

What is CVE-2018-0138?

A flaw in the detection engine of Cisco Firepower System Software allows unauthenticated remote attackers to bypass configured file policies that restrict file transmissions via the BitTorrent protocol. The issue arises due to incorrect handling of BitTorrent handshake messages, enabling attackers to exploit the vulnerability by sending specially crafted connection requests to an affected device. Successfully executing this exploit could lead to unauthorized file transmissions, undermining security measures intended to protect the network. For further details, refer to Cisco Bug IDs: CSCve26946.

Affected Version(s)

Cisco Firepower System Software Cisco Firepower System Software

References

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/102978

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 8, 2018
Vulnerability Reserved
Nov 27, 2017