CVE-2018-0254 - OpenCVE

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. The vulnerability is due to incorrect counting of the percentage of dropped traffic. An attacker could exploit this vulnerability by sending network traffic to a targeted device. An exploit could allow the attacker to bypass configured file action policies, and traffic that should be dropped could be allowed into the network. Cisco Bug IDs: CSCvf86435.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Firepower Appliance 7125 Firepower Appliance 7115 Firepower Appliance 8360 Firepower Management Center 1000 Firesight Management Center 3500 Firepower Appliance 8260 Firepower Appliance 8290 Firesight Management Center 1500 Amp 7150 Firepower Appliance 7010 Firepower Appliance 7020 Firepower Appliance 8270 Firepower Appliance 7120 Firepower Appliance 7050 Firepower Appliance 8120 Firepower Management Center 2500 Firepower Appliance 7110 Firesight Management Center 750 Firepower Appliance 8140 Firepower Appliance 8390 Amp 8150 Ngips Virtual Appliance Firepower Management Center 4000 Firepower Appliance 8350 Firepower Appliance 7030 Firepower Management Center 2000 Firepower Appliance 8130 Firepower Threat Defense Firepower Appliance 8250 Firepower Appliance 8370 Firepower Management Center 4500

Configuration 1 [-]

AND

OR	cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.2.1:::::::*
	cpe:2.3:a:cisco:firepower_threat_defense:6.2.2:::::::*

OR	cpe:2.3:h:cisco:amp_7150:-:::::::*
	cpe:2.3:h:cisco:amp_8150:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7010:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7020:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7030:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7050:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7110:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7115:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7120:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_7125:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8120:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8130:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8140:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8250:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8260:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8270:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8290:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8350:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8360:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8370:-:::::::*
	cpe:2.3:h:cisco:firepower_appliance_8390:-:::::::*
	cpe:2.3:h:cisco:firepower_management_center_1000:-:::::::*
	cpe:2.3:h:cisco:firepower_management_center_2000:-:::::::*
	cpe:2.3:h:cisco:firepower_management_center_2500:-:::::::*
	cpe:2.3:h:cisco:firepower_management_center_4000:-:::::::*
	cpe:2.3:h:cisco:firepower_management_center_4500:-:::::::*
	cpe:2.3:h:cisco:firesight_management_center_1500:-:::::::*
	cpe:2.3:h:cisco:firesight_management_center_3500:-:::::::*
	cpe:2.3:h:cisco:firesight_management_center_750:-:::::::*
	cpe:2.3:h:cisco:ngips_virtual_appliance:-:::::::*

References

Link	Resource
http://www.securityfocus.com/bid/103940	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2	Vendor Advisory