Cisco's FirePower firewall line receives security update
A software bug doesn't properly validate fields in HTTP headers.
Cisco's recently launched line of FirePower firewall products are receiving a free “high severity” security update to fix a critical vulnerability that enables attackers to surreptitiously inject malware onto critical systems, according to a Cisco advisory.
The software bug, addressed with update CVE-2016-1345, doesn't properly validate fields in HTTP headers, which could allow an unauthenticated remote attacker to send a crafted HTTP request that could evade detection or could halt policies setup on the system.
The flaw also affects Snort, a Cisco-owned open source network-based intrusion detection system. If Snort source code is compiled with the “enable-file-inspect configuration flag,” then the system is also vulnerable to the malware exploit, Cisco said.
There are no workarounds that address this vulnerability, Cisco said.In the past month, the San Jose, Calif.-based networking equipment firm has released advisories on 30 vulnerabilities – one critical, 16 high severity and 13 medium severity.