Medium severity5.8NVD Advisory· Published May 17, 2018· Updated Jun 17, 2026
CVE-2018-0297
CVE-2018-0297
Description
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an unauthenticated, remote attacker to bypass a configured Secure Sockets Layer (SSL) Access Control (AC) policy to block SSL traffic. The vulnerability is due to the incorrect handling of TCP SSL packets received out of order. An attacker could exploit this vulnerability by sending a crafted SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured SSL AC policy to block SSL traffic. Cisco Bug IDs: CSCvg09316.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/104197nvdThird Party AdvisoryVDB Entry
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-firepwr-pbnvdVendor Advisory
News mentions
0No linked articles in our index yet.