Cisco Firepower System Software URL Filtering Bypass Vulnerability

A vulnerability in the feature-license management functionality of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass URL filters that have been configured for an affected device.

The vulnerability exists because the URL Filtering license for the affected software could be disabled unexpectedly, which could disable the URL filtering functionality of the affected software. An attacker could exploit this vulnerability by sending traffic, which should have matched a configured URL filter, through an affected device. A successful exploit could allow the attacker to bypass URL filters that were configured for the affected device.

There is a workaround that addresses this vulnerability.

This advisory is available at the following link:
http://ift.tt/2qQKwD9 A vulnerability in the feature-license management functionality of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass URL filters that have been configured for an affected device.

The vulnerability exists because the URL Filtering license for the affected software could be disabled unexpectedly, which could disable the URL filtering functionality of the affected software. An attacker could exploit this vulnerability by sending traffic, which should have matched a configured URL filter, through an affected device. A successful exploit could allow the attacker to bypass URL filters that were configured for the affected device.

There is a workaround that addresses this vulnerability.

This advisory is available at the following link:
http://ift.tt/2qQKwD9
Security Impact Rating: Medium
CVE: CVE-2017-6674

from Cisco Security Advisory http://ift.tt/2qQKwD9