Multiple Cisco products are affected by vulnerabilities in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
These vulnerabilities are due to incorrect handling of specific HTTP header parameters. An attacker could exploit these vulnerabilities by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | firepower_threat_defense_software | 6.2 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.2:*:*:*:*:*:*:* |
cisco | firepower_threat_defense_software | 6.6 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.6:*:*:*:*:*:*:* |
cisco | firepower_threat_defense_software | 6.4 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.4:*:*:*:*:*:*:* |
cisco | firepower_threat_defense_software | 6.7 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.7:*:*:*:*:*:*:* |
cisco | firepower_2100_firmware | any | cpe:2.3:o:cisco:firepower_2100_firmware:any:*:*:*:*:*:*:* |
cisco | firepower_management_center_1000_firmware | any | cpe:2.3:o:cisco:firepower_management_center_1000_firmware:any:*:*:*:*:*:*:* |
cisco | industrial_security_appliances_3000_firmware | any | cpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:any:*:*:*:*:*:*:* |
cisco | firepower_9000_firmware | any | cpe:2.3:o:cisco:firepower_9000_firmware:any:*:*:*:*:*:*:* |
cisco | firepower_4100_next-generation_firewall_firmware | any | cpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:any:*:*:*:*:*:*:* |
cisco | unified_threat_defense | any | cpe:2.3:a:cisco:unified_threat_defense:any:*:*:*:*:*:*:* |