Cisco FireSIGHT System Software CVE-2018-0384 Remote Security Bypass Vulnerability

Bugtraq ID:	104725
Class:	Design Error
CVE:	CVE-2018-0384
Remote:	Yes
Local:	No
Published:	Jul 11 2018 12:00AM
Updated:	Jul 11 2018 12:00AM
Credit:	Cisco
Vulnerable:	Cisco FireSIGHT System Software 0 Cisco FirePOWER Management Center 6.2.2 Cisco FirePOWER Management Center 6.2 Cisco FirePOWER Management Center 6.1 Cisco FirePOWER Management Center 6.0 Cisco FirePOWER Management Center 6.2.1
Not Vulnerable:	Cisco FirePOWER Management Center 6.2.3 Cisco FirePOWER Management Center 6.2.2.3

Cisco FireSIGHT System Software CVE-2018-0384 Remote Security Bypass Vulnerability

Cisco FireSIGHT System Software is prone to a remote security-bypass vulnerability.

An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks.

This issue is being tracked by Cisco Bug ID CSCvh84511.

Cisco FireSIGHT System Software CVE-2018-0384 Remote Security Bypass Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco FireSIGHT System Software CVE-2018-0384 Remote Security Bypass Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco FireSIGHT System Software CVE-2018-0384 Remote Security Bypass Vulnerability

References:

• Cisco Homepage (Cisco)
  
• Cisco FireSIGHT System Software URL-Based Access Control Policy Bypass Vulnerabi (Cisco)