A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending packets through an interface on the targeted device. A successful exploit could allow the attacker to bypass configured VPN policies. Cisco Bug IDs: CSCvh49388.
History

Fri, 29 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 26 Nov 2024 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Cisco secure Firewall Management Center
CPEs cpe:2.3:a:cisco:firepower_management_center:6.2.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:secure_firewall_management_center:6.2.2:*:*:*:*:*:*:*
Vendors & Products Cisco firepower Management Center
Cisco secure Firewall Management Center

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2018-06-07T21:00:00

Updated: 2024-11-29T15:04:50.878Z

Reserved: 2017-11-27T00:00:00

Link: CVE-2018-0333

cve-icon Vulnrichment

Updated: 2024-08-05T03:21:15.417Z

cve-icon NVD

Status : Modified

Published: 2018-06-07T21:29:00.463

Modified: 2024-11-26T16:09:02.407

Link: CVE-2018-0333

cve-icon Redhat

No data.