漏洞标题
N/A
漏洞描述信息
Cisco Firepower System Software 检测引擎中的一个漏洞可能导致无验证的远程攻击者绕过配置好的文件操作策略,该策略旨在检测到 malware 时删除 Server Message Block Version 2 (SMB2) 和 SMB Version 3 (SMB3) 协议。该漏洞是由于对总文件长度不正确的 SMB2 或 SMB3 文件的检测。攻击者可以通过通过目标设备发送精心构造的 SMB2 或 SMB3 传输请求来利用此漏洞。利用此漏洞可能导致攻击者绕过可能包含恶意软件的 SMB2 或 SMB3 文件,即使设备已配置要阻止它们。对于 SMB Version 1 (SMB1) 文件,此漏洞不存在。在 6.2.3 之前的软件发布中,当配置一个或多个文件操作策略时,此漏洞会影响 Cisco Firepower System Software。Cisco Bug ID: CSCvg68807。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. The vulnerability is due to incorrect detection of an SMB2 or SMB3 file based on the total file length. An attacker could exploit this vulnerability by sending a crafted SMB2 or SMB3 transfer request through the targeted device. An exploit could allow the attacker to pass SMB2 or SMB3 files that could be malware even though the device is configured to block them. This vulnerability does not exist for SMB Version 1 (SMB1) files. This vulnerability affects Cisco Firepower System Software when one or more file action policies are configured, on software releases prior to 6.2.3. Cisco Bug IDs: CSCvg68807.
CVSS信息
N/A
漏洞类别
保护机制失效
漏洞标题
Cisco Firepower System Software detection引擎安全漏洞
漏洞描述信息
Cisco Firepower System Software是美国思科(Cisco)公司的一款下一代防火墙产品(NGFW)。detection engine是其中的一个入侵检测引擎。 Cisco Firepower System Software中的detection引擎存在安全漏洞,该漏洞源于程序没有检测SMB2或SMB3文件。远程攻击者可通过发送特制的SMB2或SMB3传输请求利用该漏洞绕过已配置的文件操作策略。
CVSS信息
N/A
漏洞类别
授权问题