Guest

Preview Tool

Cisco Bug: CSCvh70130 - Cisco FireSIGHT System File Policy Bypass Vulnerability

Last Modified

Mar 11, 2019

Products (32)

  • Cisco Firepower Management Center
  • Cisco FirePOWER Appliance 8360
  • Cisco FirePOWER Appliance 7050
  • Cisco Firepower Management Center 2500
  • Cisco FirePOWER Appliance 8260
  • Cisco FirePOWER Appliance 8120
  • Cisco FirePOWER Appliance 8130
  • Cisco FirePOWER Appliance 8140
  • Cisco AMP 8150
  • Cisco FirePOWER Appliance 8350
View all products in Bug Search Tool Login Required

Known Affected Releases

6.2.2.1 6.2.3 6.3.0

Description (partial)

Symptom:
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file
policy that is configured for the FTP Protocol with the action ''Block upload with Reset''.

The vulnerability is due to incorrect handling of the FTP control connection. An attacker could exploit this vulnerability by sending a crafted
FTP connection to transfer a file to the targeted device. An exploit could allow the attacker to bypass a configured file policy and not proper
block transfer of a file via FTP.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firesight-file-bypass

Conditions:
Please refer to Security Advisory.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.