CVSS: 5.3EPSS: 0%CPEs: 34EXPL: 0CVE-2018-0254
https://notcve.org/view.php?id=CVE-2018-0254
19 Apr 2018 — A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action pol... • http://www.securityfocus.com/bid/103940 • CWE-693: Protection Mechanism Failure •
CVSS: 8.6EPSS: 0%CPEs: 12EXPL: 0CVE-2017-12244
https://notcve.org/view.php?id=CVE-2017-12244
05 Oct 2017 — A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort process restarts unexpectedly. The vulnerability is due to improper input validation of the fields in the IPv6 extension header packet. An attacker could exploit this vulnerability by sending a malicious IPv6 packet to the detection engine on the targeted device. An e... • http://www.securityfocus.com/bid/101119 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 9EXPL: 0CVE-2017-12245
https://notcve.org/view.php?id=CVE-2017-12245
05 Oct 2017 — A vulnerability in SSL traffic decryption for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause depletion of system memory, aka a Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service vulnerability. If this memory leak persists over time, a denial of service (DoS) condition could develop because traffic can cease to be forwarded through the device. The vulnerability is due to an error in how the Firepower Detection Snort Engine ha... • http://www.securityfocus.com/bid/101118 • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2017-3885
https://notcve.org/view.php?id=CVE-2017-3885
07 Apr 2017 — A vulnerability in the detection engine reassembly of Secure Sockets Layer (SSL) packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the Snort process consumes a high level of CPU resources. Affected Products: This vulnerability affects Cisco Firepower System Software running software releases 6.0.0, 6.1.0, 6.2.0, or 6.2.1 when the device is configured with an SSL policy that has at least one rule specifying traffic... • http://www.securityfocus.com/bid/97451 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3847
https://notcve.org/view.php?id=CVE-2017-3847
22 Feb 2017 — A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface. More Information: CSCvc72741. Known Affected Releases: 6.2.1. Una vulnerabilidad en el marco web de Cisco Firepower Management Center podría permitir a un atacante remoto autenticado llevar a cabo un ataque de XSS contra un usuario de la interfaz web. Más Información: CSCvc72741. • http://www.securityfocus.com/bid/96253 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •