Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to the incorrect handling of duplicate downloads of malware files. An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2hgUslT A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to the incorrect handling of duplicate downloads of malware files. An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2hgUslT
Security Impact Rating: Medium
CVE: CVE-2016-9193

from Cisco Security Advisory http://ift.tt/2hgUslT