Description
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly handles TCP packets that are received out of order when a TCP SYN retransmission is issued. An attacker could exploit this vulnerability by sending a maliciously crafted connection through an affected device. A successful exploit could allow the attacker to bypass a URL-based access control policy that is configured to block traffic for the affected system. Cisco Bug IDs: CSCvh84511.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104725
Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-firesight-url-bypass
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041284
Scores
CVSS v3
5.8
EPSS
0.0250
EPSS Percentile
82.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-693
Status
published
Products (5)
cisco/secure_firewall_management_center
6.0.0
cisco/secure_firewall_management_center
6.1.0
cisco/secure_firewall_management_center
6.2.0
cisco/secure_firewall_management_center
6.2.1
cisco/secure_firewall_management_center
6.2.2
Published
Jul 16, 2018
Tracked Since
Feb 18, 2026