ID

VAR-201905-0585


CVE

CVE-2019-1696


TITLE

Cisco Firepower Threat Defense Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004367

DESCRIPTION

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Cisco Firepower Threat Defense (FTD) The software is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. Exploiting these issues allow remote attackers to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvj83264, CSCvj91418. Cisco Firepower 4100 Series, etc. are all products of Cisco (Cisco). Cisco Firepower 4100 Series is a 4100 series firewall device. Cisco 3000 Series Industrial Security Appliances is a 3000 series firewall appliance. Cisco ASA 5500-X Series Firewalls is a 5500-X series firewall appliance. FTD Software is one of the unified software that provides next-generation firewall services. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Cisco 3000 Series Industrial Security Appliances (ISAs); Adaptive Security Appliance (ASA) 5500-X Series Firewalls; ASA 5500-X Series with FirePOWER Services; Advanced Malware Protection (AMP) for Networks for FirePOWER 7000 Series Appliances; AMP for Networks for FirePOWER 8000 Series Appliances; Firepower 2100 Series; Firepower 4100 Series; FirePOWER 7000 Series Appliances; FirePOWER 8000 Series Appliances; Firepower 9300 Security Appliances;

Trust: 1.98

sources: NVD: CVE-2019-1696 // JVNDB: JVNDB-2019-004367 // BID: 108171 // VULHUB: VHN-149158

AFFECTED PRODUCTS

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.12

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.0.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.8

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.10

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.13

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.9

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.12

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.11

Trust: 1.0

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:next generation intrusion prevention systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower threat defense virtualscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.2.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0.1

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:firepower threat defense for integrated services routersscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower security appliancescope:eqversion:93000

Trust: 0.3

vendor:ciscomodel:firepower series appliancesscope:eqversion:80000

Trust: 0.3

vendor:ciscomodel:firepower series appliancesscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:41000

Trust: 0.3

vendor:ciscomodel:firepower seriesscope:eqversion:21000

Trust: 0.3

vendor:ciscomodel:asa series with firepower servicesscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:asa series firewallsscope:eqversion:5500-x0

Trust: 0.3

vendor:ciscomodel:advanced malware protection series appliancesscope:eqversion:70000

Trust: 0.3

vendor:ciscomodel:series industrial security appliancesscope:eqversion:30000

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.3.0.3

Trust: 0.3

vendor:ciscomodel:firepower threat defense softwarescope:neversion:6.2.3.12

Trust: 0.3

sources: BID: 108171 // JVNDB: JVNDB-2019-004367 // NVD: CVE-2019-1696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1696
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1696
value: HIGH

Trust: 1.0

NVD: CVE-2019-1696
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-008
value: HIGH

Trust: 0.6

VULHUB: VHN-149158
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-1696
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-149158
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1696
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.0
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2019-1696
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-149158 // JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008 // NVD: CVE-2019-1696 // NVD: CVE-2019-1696

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-149158 // JVNDB: JVNDB-2019-004367 // NVD: CVE-2019-1696

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201905-008

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201905-008

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004367

PATCH

title:cisco-sa-20190501-frpwr-smb-snorturl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort

Trust: 0.8

title:Cisco Firepower Threat Defense Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92159

Trust: 0.6

sources: JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008

EXTERNAL IDS

db:NVDid:CVE-2019-1696

Trust: 2.8

db:BIDid:108171

Trust: 2.0

db:JVNDBid:JVNDB-2019-004367

Trust: 0.8

db:CNNVDid:CNNVD-201905-008

Trust: 0.7

db:AUSCERTid:ESB-2019.1516

Trust: 0.6

db:VULHUBid:VHN-149158

Trust: 0.1

sources: VULHUB: VHN-149158 // BID: 108171 // JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008 // NVD: CVE-2019-1696

REFERENCES

url:http://www.securityfocus.com/bid/108171

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-frpwr-smb-snort

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1696

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1696

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-ftd-cmd-inject

Trust: 0.6

url:https://www.auscert.org.au/bulletins/80106

Trust: 0.6

url:https://vigilance.fr/vulnerability/snort-denial-of-service-via-smb-29400

Trust: 0.6

sources: VULHUB: VHN-149158 // BID: 108171 // JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008 // NVD: CVE-2019-1696

CREDITS

Cisco

Trust: 0.9

sources: BID: 108171 // CNNVD: CNNVD-201905-008

SOURCES

db:VULHUBid:VHN-149158
db:BIDid:108171
db:JVNDBid:JVNDB-2019-004367
db:CNNVDid:CNNVD-201905-008
db:NVDid:CVE-2019-1696

LAST UPDATE DATE

2024-08-14T13:45:04.832000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-149158date:2019-05-07T00:00:00
db:BIDid:108171date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-004367date:2019-05-31T00:00:00
db:CNNVDid:CNNVD-201905-008date:2019-05-27T00:00:00
db:NVDid:CVE-2019-1696date:2019-05-07T14:29:01.007

SOURCES RELEASE DATE

db:VULHUBid:VHN-149158date:2019-05-03T00:00:00
db:BIDid:108171date:2019-05-01T00:00:00
db:JVNDBid:JVNDB-2019-004367date:2019-05-31T00:00:00
db:CNNVDid:CNNVD-201905-008date:2019-05-01T00:00:00
db:NVDid:CVE-2019-1696date:2019-05-03T15:29:01.167