CVE Vulnerability

CVE-2018-15443

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic. The vulnerability is due to incorrect TCP retransmission handling. An attacker could exploit this vulnerability by sending a crafted TCP connection request through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-fde-tcp-bypass Vendor Advisory
http://www.securityfocus.com/bid/105870 Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:a:cisco:firepower_system_software:-:*:*:*:*:*:*:*
Information

Published : 2018-11-08 05:29

Updated : 2019-10-09 11:35

NVD link : CVE-2018-15443

Mitre link : CVE-2018-15443

Products Affected
No products.
CWE
CWE-400