Details of VAR-201905-0585

ID

VAR-201905-0585

CVE

CVE-2019-1696

TITLE

Cisco Firepower Threat Defense Software depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004367

DESCRIPTION

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Cisco Firepower Threat Defense (FTD) The software is vulnerable to resource exhaustion.Service operation interruption (DoS) There is a possibility of being put into a state. Exploiting these issues allow remote attackers to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvj83264, CSCvj91418. Cisco Firepower 4100 Series, etc. are all products of Cisco (Cisco). Cisco Firepower 4100 Series is a 4100 series firewall device. Cisco 3000 Series Industrial Security Appliances is a 3000 series firewall appliance. Cisco ASA 5500-X Series Firewalls is a 5500-X series firewall appliance. FTD Software is one of the unified software that provides next-generation firewall services. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products. The following products and versions are affected: Cisco 3000 Series Industrial Security Appliances (ISAs); Adaptive Security Appliance (ASA) 5500-X Series Firewalls; ASA 5500-X Series with FirePOWER Services; Advanced Malware Protection (AMP) for Networks for FirePOWER 7000 Series Appliances; AMP for Networks for FirePOWER 8000 Series Appliances; Firepower 2100 Series; Firepower 4100 Series; FirePOWER 7000 Series Appliances; FirePOWER 8000 Series Appliances; Firepower 9300 Security Appliances;

Trust: 1.98

sources: NVD: CVE-2019-1696 // JVNDB: JVNDB-2019-004367 // BID: 108171 // VULHUB: VHN-149158

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.8	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.10	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.13	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.9	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.3.12	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.11	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	next generation intrusion prevention system	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense virtual	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.2.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0.1	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	firepower threat defense for integrated services routers	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	firepower security appliance	scope:	eq	version:	93000	Trust: 0.3
vendor:	cisco	model:	firepower series appliances	scope:	eq	version:	80000	Trust: 0.3
vendor:	cisco	model:	firepower series appliances	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	41000	Trust: 0.3
vendor:	cisco	model:	firepower series	scope:	eq	version:	21000	Trust: 0.3
vendor:	cisco	model:	asa series with firepower services	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	asa series firewalls	scope:	eq	version:	5500-x0	Trust: 0.3
vendor:	cisco	model:	advanced malware protection series appliances	scope:	eq	version:	70000	Trust: 0.3
vendor:	cisco	model:	series industrial security appliances	scope:	eq	version:	30000	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.3.0.3	Trust: 0.3
vendor:	cisco	model:	firepower threat defense software	scope:	ne	version:	6.2.3.12	Trust: 0.3

sources: BID: 108171 // JVNDB: JVNDB-2019-004367 // NVD: CVE-2019-1696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1696
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1696
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-1696
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201905-008
value:	HIGH
Trust: 0.6
VULHUB:	VHN-149158
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2019-1696
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-149158
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1696
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1696
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-149158 // JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008 // NVD: CVE-2019-1696 // NVD: CVE-2019-1696

PROBLEMTYPE DATA

problemtype:

CWE-400

Trust: 1.9

sources: VULHUB: VHN-149158 // JVNDB: JVNDB-2019-004367 // NVD: CVE-2019-1696

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201905-008

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201905-008

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004367

PATCH

title:	cisco-sa-20190501-frpwr-smb-snort	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort	Trust: 0.8
title:	Cisco Firepower Threat Defense Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92159	Trust: 0.6

sources: JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1696	Trust: 2.8
db:	BID	id:	108171	Trust: 2.0
db:	JVNDB	id:	JVNDB-2019-004367	Trust: 0.8
db:	CNNVD	id:	CNNVD-201905-008	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1516	Trust: 0.6
db:	VULHUB	id:	VHN-149158	Trust: 0.1

sources: VULHUB: VHN-149158 // BID: 108171 // JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008 // NVD: CVE-2019-1696

REFERENCES

url:	http://www.securityfocus.com/bid/108171	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-frpwr-smb-snort	Trust: 2.0
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1696	Trust: 1.4
url:	http://www.cisco.com/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1696	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190501-ftd-cmd-inject	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80106	Trust: 0.6
url:	https://vigilance.fr/vulnerability/snort-denial-of-service-via-smb-29400	Trust: 0.6

sources: VULHUB: VHN-149158 // BID: 108171 // JVNDB: JVNDB-2019-004367 // CNNVD: CNNVD-201905-008 // NVD: CVE-2019-1696

CREDITS

Cisco

Trust: 0.9

sources: BID: 108171 // CNNVD: CNNVD-201905-008

SOURCES

db:	VULHUB	id:	VHN-149158
db:	BID	id:	108171
db:	JVNDB	id:	JVNDB-2019-004367
db:	CNNVD	id:	CNNVD-201905-008
db:	NVD	id:	CVE-2019-1696

LAST UPDATE DATE

2024-08-14T13:45:04.832000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-149158	date:	2019-05-07T00:00:00
db:	BID	id:	108171	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004367	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-008	date:	2019-05-27T00:00:00
db:	NVD	id:	CVE-2019-1696	date:	2019-05-07T14:29:01.007

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-149158	date:	2019-05-03T00:00:00
db:	BID	id:	108171	date:	2019-05-01T00:00:00
db:	JVNDB	id:	JVNDB-2019-004367	date:	2019-05-31T00:00:00
db:	CNNVD	id:	CNNVD-201905-008	date:	2019-05-01T00:00:00
db:	NVD	id:	CVE-2019-1696	date:	2019-05-03T15:29:01.167