ID

VAR-201905-0598


CVE

CVE-2019-1832


TITLE

Cisco Firepower Threat Defense Vulnerability related to failure of protection mechanism in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004583

DESCRIPTION

A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A successful exploit could allow the attacker to bypass configured access control policies. This issue is being tracked by Cisco BugID CSCvk43854. A security vulnerability exists in the inspection engine in Cisco FTD due to the program not properly validating ICMP packets. The following products and versions are affected: Cisco Firepower Threat Defense Release 6.2.0, Release 6.2.0.5, Release 6.2.3, Release 6.2.3.1, Release 6.2.3.2, Release 6.4.0

Trust: 1.98

sources: NVD: CVE-2019-1832 // JVNDB: JVNDB-2019-004583 // BID: 108340 // VULHUB: VHN-150654

AFFECTED PRODUCTS

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.3.2

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.3.1

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.3

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.0.5

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:6.4.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.4

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2

Trust: 0.3

sources: BID: 108340 // JVNDB: JVNDB-2019-004583 // NVD: CVE-2019-1832

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1832
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1832
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1832
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-703
value: HIGH

Trust: 0.6

VULHUB: VHN-150654
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1832
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-150654
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1832
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2019-1832
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-150654 // JVNDB: JVNDB-2019-004583 // CNNVD: CNNVD-201905-703 // NVD: CVE-2019-1832 // NVD: CVE-2019-1832

PROBLEMTYPE DATA

problemtype:CWE-693

Trust: 1.9

sources: VULHUB: VHN-150654 // JVNDB: JVNDB-2019-004583 // NVD: CVE-2019-1832

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-703

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201905-703

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004583

PATCH

title:cisco-sa-20190515-ftdde-poly-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-ftdde-poly-bypass

Trust: 0.8

title:Cisco Firepower Threat Defense Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92827

Trust: 0.6

sources: JVNDB: JVNDB-2019-004583 // CNNVD: CNNVD-201905-703

EXTERNAL IDS

db:NVDid:CVE-2019-1832

Trust: 2.8

db:BIDid:108340

Trust: 2.0

db:JVNDBid:JVNDB-2019-004583

Trust: 0.8

db:CNNVDid:CNNVD-201905-703

Trust: 0.7

db:AUSCERTid:ESB-2019.1778

Trust: 0.6

db:VULHUBid:VHN-150654

Trust: 0.1

sources: VULHUB: VHN-150654 // BID: 108340 // JVNDB: JVNDB-2019-004583 // CNNVD: CNNVD-201905-703 // NVD: CVE-2019-1832

REFERENCES

url:http://www.securityfocus.com/bid/108340

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-ftdde-poly-bypass

Trust: 2.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1832

Trust: 1.4

url:http://www.cisco.com/

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1832

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-ftd-ssltls-bypass

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.1778/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/81190

Trust: 0.6

sources: VULHUB: VHN-150654 // BID: 108340 // JVNDB: JVNDB-2019-004583 // CNNVD: CNNVD-201905-703 // NVD: CVE-2019-1832

CREDITS

Cisco

Trust: 0.9

sources: BID: 108340 // CNNVD: CNNVD-201905-703

SOURCES

db:VULHUBid:VHN-150654
db:BIDid:108340
db:JVNDBid:JVNDB-2019-004583
db:CNNVDid:CNNVD-201905-703
db:NVDid:CVE-2019-1832

LAST UPDATE DATE

2024-08-14T14:45:21.376000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-150654date:2019-10-09T00:00:00
db:BIDid:108340date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004583date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-703date:2019-05-21T00:00:00
db:NVDid:CVE-2019-1832date:2019-10-09T23:48:16.957

SOURCES RELEASE DATE

db:VULHUBid:VHN-150654date:2019-05-16T00:00:00
db:BIDid:108340date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004583date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-703date:2019-05-15T00:00:00
db:NVDid:CVE-2019-1832date:2019-05-16T02:29:00.327