Sign-up

ID

VAR-201905-0598


CVE

CVE-2019-1832


TITLE

Cisco Firepower Threat Defense Vulnerability related to failure of protection mechanism in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-004583

DESCRIPTION

A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A successful exploit could allow the attacker to bypass configured access control policies. This issue is being tracked by Cisco BugID CSCvk43854. A security vulnerability exists in the inspection engine in Cisco FTD due to the program not properly validating ICMP packets. The following products and versions are affected: Cisco Firepower Threat Defense Release 6.2.0, Release 6.2.0.5, Release 6.2.3, Release 6.2.3.1, Release 6.2.3.2, Release 6.4.0

Trust: 1.98

sources: NVD: CVE-2019-1832 // JVNDB: JVNDB-2019-004583 // BID: 108340 // VULHUB: VHN-150654

AFFECTED PRODUCTS

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.3.2

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.3.1

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.3

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.0.5

Trust: 1.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:6.4.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.4

Trust: 0.3

vendor:ciscomodel:firepower management centerscope:eqversion:6.2

Trust: 0.3

sources: BID: 108340 // JVNDB: JVNDB-2019-004583 // NVD: CVE-2019-1832

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1832
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1832
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1832
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-703
value: HIGH

Trust: 0.6

VULHUB: VHN-150654
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1832
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-150654
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1832
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2019-1832
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-150654 // JVNDB: JVNDB-2019-004583 // CNNVD: CNNVD-201905-703 // NVD: CVE-2019-1832 // NVD: CVE-2019-1832

PROBLEMTYPE DATA

problemtype:CWE-693

Trust: 1.9

sources: VULHUB: VHN-150654 // JVNDB: JVNDB-2019-004583 // NVD: CVE-2019-1832

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-703

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201905-703

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-004583

PATCH
title:cisco-sa-20190515-ftdde-poly-bypassurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-ftdde-poly-bypass
Trust: 0.8
title:Cisco Firepower Threat Defense Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=92827
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-004583 // 
            
            
            
            CNNVD: CNNVD-201905-703

EXTERNAL IDS
db:NVDid:CVE-2019-1832
Trust: 2.8
db:BIDid:108340
Trust: 2.0
db:JVNDBid:JVNDB-2019-004583
Trust: 0.8
db:CNNVDid:CNNVD-201905-703
Trust: 0.7
db:AUSCERTid:ESB-2019.1778
Trust: 0.6
db:VULHUBid:VHN-150654
Trust: 0.1
sources:
            
            
            VULHUB: VHN-150654 // 
            
            
            
            BID: 108340 // 
            
            
            
            JVNDB: JVNDB-2019-004583 // 
            
            
            
            CNNVD: CNNVD-201905-703 // 
            
            
            
            NVD: CVE-2019-1832

REFERENCES
url:http://www.securityfocus.com/bid/108340
Trust: 2.3
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-ftdde-poly-bypass
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-1832
Trust: 1.4
url:http://www.cisco.com/
Trust: 0.9
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1832
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190515-ftd-ssltls-bypass
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2019.1778/
Trust: 0.6
url:https://www.auscert.org.au/bulletins/81190
Trust: 0.6
sources:
            
            
            VULHUB: VHN-150654 // 
            
            
            
            BID: 108340 // 
            
            
            
            JVNDB: JVNDB-2019-004583 // 
            
            
            
            CNNVD: CNNVD-201905-703 // 
            
            
            
            NVD: CVE-2019-1832

CREDITS
Cisco
Trust: 0.9
sources:
            
            
            BID: 108340 // 
            
            
            
            CNNVD: CNNVD-201905-703

SOURCES
db:VULHUBid:VHN-150654
db:BIDid:108340
db:JVNDBid:JVNDB-2019-004583
db:CNNVDid:CNNVD-201905-703
db:NVDid:CVE-2019-1832

LAST UPDATE DATE
2024-08-14T14:45:21.376000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-150654date:2019-10-09T00:00:00
db:BIDid:108340date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004583date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-703date:2019-05-21T00:00:00
db:NVDid:CVE-2019-1832date:2019-10-09T23:48:16.957

SOURCES RELEASE DATE
db:VULHUBid:VHN-150654date:2019-05-16T00:00:00
db:BIDid:108340date:2019-05-15T00:00:00
db:JVNDBid:JVNDB-2019-004583date:2019-06-05T00:00:00
db:CNNVDid:CNNVD-201905-703date:2019-05-15T00:00:00
db:NVDid:CVE-2019-1832date:2019-05-16T02:29:00.327