Details of VAR-201905-0581

ID

VAR-201905-0581

CVE

CVE-2019-1687

TITLE

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004368

DESCRIPTION

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition. Cisco ASA Software和FTD Software中的TCP代理功能存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。以下产品及版本受到影响：Cisco 3000 Series Industrial Security Appliances；ASA 1000V Cloud Firewall；ASA 5500 Series Adaptive Security Appliances；ASA 5500-X Series Firewalls；ASA Services Module for Cisco Catalyst 6500 Series Switches和Cisco 7600 Series Routers；Adaptive Security Virtual Appliance；Firepower 2100 Series；Firepower 4100 Series；Firepower 9300 Security Appliances. Multiple Cisco Products are prone to an remote denial-of-service vulnerability. This issue is being tracked by Cisco Bug ID CSCvk44166. The vulnerability stems from the failure of the network system or product to properly validate the input data

Trust: 2.52

sources: NVD: CVE-2019-1687 // JVNDB: JVNDB-2019-004368 // CNNVD: CNNVD-201905-024 // BID: 108176 // VULHUB: VHN-149059

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.9.2.50	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.10.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.8.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.6.4.25	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.4.4.34	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower security appliances	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	21000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco catalyst series switches	scope:	eq	version:	76000	Trust: 0.3
vendor:	cisco	model:	asa services module for cisco catalyst series switches	scope:	eq	version:	65000	Trust: 0.3
vendor:	cisco	model:	asa for firepower series	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x9.9(2)	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliances	scope:	eq	version:	55000	Trust: 0.3
vendor:	cisco	model:	asa cloud firewall	scope:	eq	version:	1000v-	Trust: 0.3
vendor:	cisco	model:	adaptive security virtual appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.9	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.8	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.7	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.6	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.5	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.10	Trust: 0.3
vendor:	cisco	model:	series industrial security appliances	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.12	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.8.4	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.9.2.50	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.6.4.25	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.4.4.34	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance software	scope:	ne	version:	9.10.1.17	Trust: 0.3

sources: BID: 108176 // JVNDB: JVNDB-2019-004368 // NVD: CVE-2019-1687

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1687
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1687
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1687
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-024
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149059
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2019-1687
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149059
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1687
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1687
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	CVE-2019-1687
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-149059 // JVNDB: JVNDB-2019-004368 // CNNVD: CNNVD-201905-024 // NVD: CVE-2019-1687 // NVD: CVE-2019-1687

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-149059 // JVNDB: JVNDB-2019-004368 // NVD: CVE-2019-1687

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-024

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201905-024

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004368

PATCH

title:	cisco-sa-20190501-asa-ftdtcp-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos	Trust: 0.8
title:	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92175	Trust: 0.6

sources: JVNDB: JVNDB-2019-004368 // CNNVD: CNNVD-201905-024

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1687	Trust: 2.8
db:	BID	id:	108176	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-004368	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-024	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1510.2	Trust: 0.6
db:	VULHUB	id:	VHN-149059	Trust: 0.1

sources: VULHUB: VHN-149059 // BID: 108176 // JVNDB: JVNDB-2019-004368 // CNNVD: CNNVD-201905-024 // NVD: CVE-2019-1687

REFERENCES

url:	http://www.securityfocus.com/bid/108176	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftdtcp-dos	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1687	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1687	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-asa-ftd-ike-dos	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-tcp-proxy-29199	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80090	Trust: 0.6

sources: VULHUB: VHN-149059 // BID: 108176 // JVNDB: JVNDB-2019-004368 // CNNVD: CNNVD-201905-024 // NVD: CVE-2019-1687

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 108176

SOURCES

db:	VULHUB	id:	VHN-149059
db:	BID	id:	108176
db:	JVNDB	id:	JVNDB-2019-004368
db:	CNNVD	id:	CNNVD-201905-024
db:	NVD	id:	CVE-2019-1687

LAST UPDATE DATE

2024-08-14T13:45:03.651000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149059	date:	2019-05-07T00:00:00
db:	BID	id:	108176	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004368	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-024	date:	2019-05-14T00:00:00
db:	NVD	id:	CVE-2019-1687	date:	2023-08-15T15:24:56.340

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149059	date:	2019-05-03T00:00:00
db:	BID	id:	108176	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004368	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-024	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1687	date:	2019-05-03T15:29:00.837