CVE-2017-12300
CVE-2017-12300
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 1.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
16 nov 2017Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the Server Message Block Version 2 (SMB2) protocol. The vulnerability is due to the incorrect detection of an SMB2 file when the detection is based on the length of the file. An attacker could exploit this vulnerability by sending a crafted SMB2 transfer request through the targeted device. A successful exploit could allow the attacker to bypass filters that are configured to block SMB2 traffic. Cisco Bug IDs: CSCve58398.
Produtos afetados
n/a · Cisco Firepower System SoftwareQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →