5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
6.9 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.7%
A vulnerability in Server Name Identification (SNI) request filtering of
Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD),
and the Snort detection engine could allow an unauthenticated, remote
attacker to bypass filtering technology on an affected device and
exfiltrate data from a compromised host. This vulnerability is due to
inadequate filtering of the SSL handshake. An attacker could exploit this
vulnerability by using data from the SSL client hello packet to communicate
with an external server. A successful exploit could allow the attacker to
execute a command-and-control attack on a compromised host and perform
additional data exfiltration attacks.
Author | Note |
---|---|
yomonokio | There is no access to the actual fix for this CVE nor workarounds that address this vulnerability |
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
6.9 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
65.7%