Sign-up

ID

VAR-201902-0451


CVE

CVE-2019-1691


TITLE

Cisco Firepower Threat Defense Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-001925

DESCRIPTION

A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected. Cisco Firepower Threat Defense The software contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Exploiting this issue allows remote attackers to cause excessive memory consumption. This issue is being tracked by Cisco Bug ID CSCvj97647. An input validation vulnerability exists in the detection engine in Cisco FTD

Trust: 1.98

sources: NVD: CVE-2019-1691 // JVNDB: JVNDB-2019-001925 // BID: 107099 // VULHUB: VHN-149103

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.4

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope:ltversion:6.2.3.4

Trust: 0.8

vendor:ciscomodel:firepower management centerscope:eqversion:0

Trust: 0.3

sources: BID: 107099 // JVNDB: JVNDB-2019-001925 // NVD: CVE-2019-1691

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1691
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1691
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1691
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201902-792
value: MEDIUM

Trust: 0.6

VULHUB: VHN-149103
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1691
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149103
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2019-1691
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2019-1691
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-149103 // JVNDB: JVNDB-2019-001925 // CNNVD: CNNVD-201902-792 // NVD: CVE-2019-1691 // NVD: CVE-2019-1691

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-755

Trust: 1.1

sources: VULHUB: VHN-149103 // JVNDB: JVNDB-2019-001925 // NVD: CVE-2019-1691

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-792

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201902-792

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-001925

PATCH
title:cisco-sa-20190220-fpwr-ssltls-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos
Trust: 0.8
title:Cisco Firepower Threat Defense Enter the fix for the verification vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89599
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-001925 // 
            
            
            
            CNNVD: CNNVD-201902-792

EXTERNAL IDS
db:NVDid:CVE-2019-1691
Trust: 2.8
db:BIDid:107099
Trust: 2.0
db:JVNDBid:JVNDB-2019-001925
Trust: 0.8
db:CNNVDid:CNNVD-201902-792
Trust: 0.7
db:NSFOCUSid:42797
Trust: 0.6
db:AUSCERTid:ESB-2019.0531
Trust: 0.6
db:VULHUBid:VHN-149103
Trust: 0.1
sources:
            
            
            VULHUB: VHN-149103 // 
            
            
            
            BID: 107099 // 
            
            
            
            JVNDB: JVNDB-2019-001925 // 
            
            
            
            CNNVD: CNNVD-201902-792 // 
            
            
            
            NVD: CVE-2019-1691

REFERENCES
url:http://www.securityfocus.com/bid/107099
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190220-fpwr-ssltls-dos
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-1691
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1691
Trust: 0.8
url:https://www.auscert.org.au/bulletins/75870
Trust: 0.6
url:http://www.nsfocus.net/vulndb/42797
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-149103 // 
            
            
            
            BID: 107099 // 
            
            
            
            JVNDB: JVNDB-2019-001925 // 
            
            
            
            CNNVD: CNNVD-201902-792 // 
            
            
            
            NVD: CVE-2019-1691

CREDITS
This vulnerability was found during internal security testing.,The vendor reported this issue.,vendor ?? ??
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-792

SOURCES
db:VULHUBid:VHN-149103
db:BIDid:107099
db:JVNDBid:JVNDB-2019-001925
db:CNNVDid:CNNVD-201902-792
db:NVDid:CVE-2019-1691

LAST UPDATE DATE
2024-08-14T14:04:36.934000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-149103date:2020-10-16T00:00:00
db:BIDid:107099date:2019-02-20T00:00:00
db:JVNDBid:JVNDB-2019-001925date:2019-03-29T00:00:00
db:CNNVDid:CNNVD-201902-792date:2020-10-19T00:00:00
db:NVDid:CVE-2019-1691date:2020-10-16T13:12:14.857

SOURCES RELEASE DATE
db:VULHUBid:VHN-149103date:2019-02-21T00:00:00
db:BIDid:107099date:2019-02-20T00:00:00
db:JVNDBid:JVNDB-2019-001925date:2019-03-29T00:00:00
db:CNNVDid:CNNVD-201902-792date:2019-02-21T00:00:00
db:NVDid:CVE-2019-1691date:2019-02-21T20:29:00.417