漏洞信息详情

Cisco Firepower System Software 安全漏洞

• CNNVD编号：CNNVD-201612-219
• 危害等级： 中危
  
• CVE编号： CVE-2016-9209
• 漏洞类型： 其他
• 发布时间： 2016-12-09
• 威胁类型： 远程
• 更新时间： 2016-12-12
• 厂        商： cisco
• 漏洞来源：

漏洞简介

Cisco Firepower System Software是美国思科（Cisco）公司的一款下一代防火墙产品（NGFW）。TCP是其中的一个网络传输协议。

Cisco Firepower System Software中的TCP处理过程存在安全漏洞。远程攻击者可借助特制的HTTP利用该漏洞诱骗用户下载恶意文件，绕过恶意文件保护机制。以下设备受到影响：Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services；Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances；Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances；FirePOWER 7000 Series Appliances；FirePOWER 8000 Series Appliances；FirePOWER Threat Defense for Integrated Services Routers (ISRs)；Next Generation Intrusion Prevention System (NGIPS) for Blue Coat X-Series；Sourcefire 3D System Appliances；Virtual Next-Generation Intrusion Prevention System (NGIPSv) for VMware。

漏洞公告

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fpwr

参考网址

来源:tools.cisco.com

链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fpwr

受影响实体

• Cisco Firepower_services_for_adaptive_security_appliance:6.0.0  
• Cisco Firepower_services_for_adaptive_security_appliance:5.3.0  
• Cisco Firepower_services_for_adaptive_security_appliance:5.4.0  
• Cisco Firepower_services_for_adaptive_security_appliance:5.4.1  
• Cisco Firepower_services_for_adaptive_security_appliance:5.4.1.4  

补丁

• Cisco Firepower System Software 安全漏洞的修复措施