Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Firepower Detection Engine TCP Intrusion Prevention System Rule Bypass Vulnerability

cisco-sa-20181107-fde-tcp-bypass · Medium · Published · Updated

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic. The vulnerability is due to incorrect TCP retransmission handling. An attacker could exploit this vulnerability by sending a crafted TCP connection request through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-fde-tcp-bypass

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2018-15443
Cisco Bug IDsCSCvk76547
CVSS ScoreBase 5.8
Base 5.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Firepower Management Center, Cisco Secure Firewall Management Center (FMC)

Related Products

Product CVE Evidence
Intrusion Prevention System (IPS) CVE-2018-15443 Cisco OpenVuln
Cisco Secure Firewall Management Center (FMC) CVE-2018-15443 Cisco OpenVuln
Cisco Firepower Management Center CVE-2018-15443 Cisco OpenVuln