Security restrictions bypass in Cisco Firepower Threat Defense



Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-1669
CWE-ID CWE-693
Exploitation vector Network
Public exploit N/A
Vulnerable software

Other

Vendor

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Security restrictions bypass

EUVDB-ID: #VU17203

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-1669

CWE-ID: CWE-693 - Protection Mechanism Failure

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition.

The vulnerability exists in the data acquisition (DAQ) component because the affected software improperly manages system memory resources when inspecting traffic. A remote, unauthenticated attacker can generate specific traffic patterns for the software to inspect and exhaust the system memory resources used for traffic inspection, causing the FTD Software either to fail open and cease inspecting traffic, or to fail closed and result in a DoS condition.

Mitigation

Install the update from the vendor's website.

Vulnerable software versions

: 6.3.0

CPE2.3 External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.