CVE-2018-0138 — Protection Mechanism Failure in Cisco Firepower Threat Defense

CWE-693 — Protection Mechanism Failure4 documents4 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 54.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense

Timeline

PublishedFeb 8

Latest updateMay 13

Description

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies that are configured to block files transmitted to an affected device via the BitTorrent protocol. The vulnerability exists because the affected software does not detect BitTorrent handshake messages correctly. An attacker could exploit this vulnerability by sending a crafted BitTorrent connection request to an affected device. A successful exploit cou…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

▶NVDcisco/firepower_threat_defense4 versions+3

🔴Vulnerability Details

GHSA

GHSA-5qfr-j674-96hc: A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies tha↗2022-05-13

▶

CVEList

CVE-2018-0138: A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass file policies tha↗2018-02-08

▶

📋Vendor Advisories

Cisco

Cisco Firepower System Software BitTorrent File Policy Bypass Vulnerability↗2018-02-07

▶