A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firepower_threat_defense | Cisco | 6.2.3 (including) | 6.2.3 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.1 (including) | 6.2.3.1 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.2 (including) | 6.2.3.2 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.3 (including) | 6.2.3.3 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.4 (including) | 6.2.3.4 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.5 (including) | 6.2.3.5 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.6 (including) | 6.2.3.6 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.7 (including) | 6.2.3.7 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.8 (including) | 6.2.3.8 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.9 (including) | 6.2.3.9 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.10 (including) | 6.2.3.10 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.11 (including) | 6.2.3.11 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.12 (including) | 6.2.3.12 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.13 (including) | 6.2.3.13 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.14 (including) | 6.2.3.14 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.15 (including) | 6.2.3.15 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.16 (including) | 6.2.3.16 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.17 (including) | 6.2.3.17 (including) |
| Firepower_threat_defense | Cisco | 6.2.3.18 (including) | 6.2.3.18 (including) |
| Firepower_threat_defense | Cisco | 6.4.0 (including) | 6.4.0 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.1 (including) | 6.4.0.1 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.2 (including) | 6.4.0.2 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.3 (including) | 6.4.0.3 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.4 (including) | 6.4.0.4 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.5 (including) | 6.4.0.5 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.6 (including) | 6.4.0.6 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.7 (including) | 6.4.0.7 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.8 (including) | 6.4.0.8 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.9 (including) | 6.4.0.9 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.10 (including) | 6.4.0.10 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.11 (including) | 6.4.0.11 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.12 (including) | 6.4.0.12 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.13 (including) | 6.4.0.13 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.14 (including) | 6.4.0.14 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.15 (including) | 6.4.0.15 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.16 (including) | 6.4.0.16 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.17 (including) | 6.4.0.17 (including) |
| Firepower_threat_defense | Cisco | 6.4.0.18 (including) | 6.4.0.18 (including) |
| Firepower_threat_defense | Cisco | 6.6.0 (including) | 6.6.0 (including) |
| Firepower_threat_defense | Cisco | 6.6.0.1 (including) | 6.6.0.1 (including) |
| Firepower_threat_defense | Cisco | 6.6.1 (including) | 6.6.1 (including) |
| Firepower_threat_defense | Cisco | 6.6.3 (including) | 6.6.3 (including) |
| Firepower_threat_defense | Cisco | 6.6.4 (including) | 6.6.4 (including) |
| Firepower_threat_defense | Cisco | 6.6.5 (including) | 6.6.5 (including) |
| Firepower_threat_defense | Cisco | 6.6.5.1 (including) | 6.6.5.1 (including) |
| Firepower_threat_defense | Cisco | 6.6.5.2 (including) | 6.6.5.2 (including) |
| Firepower_threat_defense | Cisco | 6.6.7 (including) | 6.6.7 (including) |
| Firepower_threat_defense | Cisco | 6.6.7.1 (including) | 6.6.7.1 (including) |
| Firepower_threat_defense | Cisco | 6.6.7.2 (including) | 6.6.7.2 (including) |
| Firepower_threat_defense | Cisco | 6.7.0 (including) | 6.7.0 (including) |
| Firepower_threat_defense | Cisco | 6.7.0.1 (including) | 6.7.0.1 (including) |
| Firepower_threat_defense | Cisco | 6.7.0.2 (including) | 6.7.0.2 (including) |
| Firepower_threat_defense | Cisco | 6.7.0.3 (including) | 6.7.0.3 (including) |
| Firepower_threat_defense | Cisco | 7.0.0 (including) | 7.0.0 (including) |
| Firepower_threat_defense | Cisco | 7.0.0.1 (including) | 7.0.0.1 (including) |
| Firepower_threat_defense | Cisco | 7.0.1 (including) | 7.0.1 (including) |
| Firepower_threat_defense | Cisco | 7.0.1.1 (including) | 7.0.1.1 (including) |
| Firepower_threat_defense | Cisco | 7.0.2 (including) | 7.0.2 (including) |
| Firepower_threat_defense | Cisco | 7.0.2.1 (including) | 7.0.2.1 (including) |
| Firepower_threat_defense | Cisco | 7.0.3 (including) | 7.0.3 (including) |
| Firepower_threat_defense | Cisco | 7.0.4 (including) | 7.0.4 (including) |
| Firepower_threat_defense | Cisco | 7.0.5 (including) | 7.0.5 (including) |
| Firepower_threat_defense | Cisco | 7.0.6 (including) | 7.0.6 (including) |
| Firepower_threat_defense | Cisco | 7.0.6.1 (including) | 7.0.6.1 (including) |
| Firepower_threat_defense | Cisco | 7.0.6.2 (including) | 7.0.6.2 (including) |
| Firepower_threat_defense | Cisco | 7.1.0 (including) | 7.1.0 (including) |
| Firepower_threat_defense | Cisco | 7.1.0.1 (including) | 7.1.0.1 (including) |
| Firepower_threat_defense | Cisco | 7.1.0.2 (including) | 7.1.0.2 (including) |
| Firepower_threat_defense | Cisco | 7.1.0.3 (including) | 7.1.0.3 (including) |
| Firepower_threat_defense | Cisco | 7.2.0 (including) | 7.2.0 (including) |
| Firepower_threat_defense | Cisco | 7.2.0.1 (including) | 7.2.0.1 (including) |
| Firepower_threat_defense | Cisco | 7.2.1 (including) | 7.2.1 (including) |
| Firepower_threat_defense | Cisco | 7.2.2 (including) | 7.2.2 (including) |
| Firepower_threat_defense | Cisco | 7.2.3 (including) | 7.2.3 (including) |
| Firepower_threat_defense | Cisco | 7.2.4 (including) | 7.2.4 (including) |
| Firepower_threat_defense | Cisco | 7.2.4.1 (including) | 7.2.4.1 (including) |
| Firepower_threat_defense | Cisco | 7.2.5 (including) | 7.2.5 (including) |
| Firepower_threat_defense | Cisco | 7.2.5.1 (including) | 7.2.5.1 (including) |
| Firepower_threat_defense | Cisco | 7.2.5.2 (including) | 7.2.5.2 (including) |
| Firepower_threat_defense | Cisco | 7.2.6 (including) | 7.2.6 (including) |
| Firepower_threat_defense | Cisco | 7.2.7 (including) | 7.2.7 (including) |
| Firepower_threat_defense | Cisco | 7.2.8 (including) | 7.2.8 (including) |
| Firepower_threat_defense | Cisco | 7.2.8.1 (including) | 7.2.8.1 (including) |
| Firepower_threat_defense | Cisco | 7.3.0 (including) | 7.3.0 (including) |
| Firepower_threat_defense | Cisco | 7.3.1 (including) | 7.3.1 (including) |
| Firepower_threat_defense | Cisco | 7.3.1.1 (including) | 7.3.1.1 (including) |
| Firepower_threat_defense | Cisco | 7.3.1.2 (including) | 7.3.1.2 (including) |
| Firepower_threat_defense | Cisco | 7.4.0 (including) | 7.4.0 (including) |
| Firepower_threat_defense | Cisco | 7.4.1 (including) | 7.4.1 (including) |
| Firepower_threat_defense | Cisco | 7.4.1.1 (including) | 7.4.1.1 (including) |