CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0254

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.5%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2018-0254

Cisco » Firepower Threat Defense » Version: 6.1.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5
Cisco » Firepower Threat Defense » Version: 6.2.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2
Cisco » Firepower Threat Defense » Version: 6.2.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.1
Cisco » Firepower Threat Defense » Version: 6.2.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2
Cisco » Amp 7150 » Version: N/A

cpe:2.3:h:cisco:amp_7150:-
Cisco » Amp 8150 » Version: N/A

cpe:2.3:h:cisco:amp_8150:-
Cisco » Firepower Appliance 7010 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7010:-
Cisco » Firepower Appliance 7020 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7020:-
Cisco » Firepower Appliance 7030 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7030:-
Cisco » Firepower Appliance 7050 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7050:-
Cisco » Firepower Appliance 7110 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7110:-
Cisco » Firepower Appliance 7115 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7115:-
Cisco » Firepower Appliance 7120 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7120:-
Cisco » Firepower Appliance 7125 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_7125:-
Cisco » Firepower Appliance 8120 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8120:-
Cisco » Firepower Appliance 8130 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8130:-
Cisco » Firepower Appliance 8140 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8140:-
Cisco » Firepower Appliance 8250 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8250:-
Cisco » Firepower Appliance 8260 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8260:-
Cisco » Firepower Appliance 8270 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8270:-
Cisco » Firepower Appliance 8290 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8290:-
Cisco » Firepower Appliance 8350 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8350:-
Cisco » Firepower Appliance 8360 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8360:-
Cisco » Firepower Appliance 8370 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8370:-
Cisco » Firepower Appliance 8390 » Version: N/A

cpe:2.3:h:cisco:firepower_appliance_8390:-
Cisco » Firepower Management Center 1000 » Version: N/A

cpe:2.3:h:cisco:firepower_management_center_1000:-
Cisco » Firepower Management Center 2000 » Version: N/A

cpe:2.3:h:cisco:firepower_management_center_2000:-
Cisco » Firepower Management Center 2500 » Version: N/A

cpe:2.3:h:cisco:firepower_management_center_2500:-
Cisco » Firepower Management Center 4000 » Version: N/A

cpe:2.3:h:cisco:firepower_management_center_4000:-
Cisco » Firepower Management Center 4500 » Version: N/A

cpe:2.3:h:cisco:firepower_management_center_4500:-
Cisco » Firesight Management Center 1500 » Version: N/A

cpe:2.3:h:cisco:firesight_management_center_1500:-
Cisco » Firesight Management Center 3500 » Version: N/A

cpe:2.3:h:cisco:firesight_management_center_3500:-
Cisco » Firesight Management Center 750 » Version: N/A

cpe:2.3:h:cisco:firesight_management_center_750:-
Cisco » Ngips Virtual Appliance » Version: N/A

cpe:2.3:h:cisco:ngips_virtual_appliance:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0254

Products

Pricing

Contact Us