A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to the incorrect handling of duplicate downloads of malware files.

An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system.

A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to the incorrect handling of duplicate downloads of malware files.

An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system.

A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower

Security Impact Rating: Medium

CVE: CVE-2016-9193

Leave a Reply