Details of VAR-201908-0841

ID

VAR-201908-0841

CVE

CVE-2019-1970

TITLE

Cisco Firepower Threat Defense Vulnerability related to failure of protection mechanism in software

Trust: 0.8

sources: JVNDB: JVNDB-2019-007623

DESCRIPTION

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. Cisco Firepower Threat Defense (FTD) The software is vulnerable to a defect in the protection mechanism.Information may be tampered with

Trust: 1.71

sources: NVD: CVE-2019-1970 // JVNDB: JVNDB-2019-007623 // VULHUB: VHN-152172

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-007623 // NVD: CVE-2019-1970

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-1970
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-1970
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-1970
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201908-563
value:	HIGH
Trust: 0.6
VULHUB:	VHN-152172
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-1970
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-152172
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-1970
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8
ykramarz@cisco.com:	CVE-2019-1970
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563 // NVD: CVE-2019-1970 // NVD: CVE-2019-1970

PROBLEMTYPE DATA

problemtype:

CWE-693

Trust: 1.9

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // NVD: CVE-2019-1970

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-563

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201908-563

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-007623

PATCH

title:	cisco-sa-20190807-ftd-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass	Trust: 0.8
title:	Cisco Firepower Threat Defense Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96260	Trust: 0.6

sources: JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563

EXTERNAL IDS

db:	NVD	id:	CVE-2019-1970	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-007623	Trust: 0.8
db:	CNNVD	id:	CNNVD-201908-563	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.2996	Trust: 0.6
db:	VULHUB	id:	VHN-152172	Trust: 0.1

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563 // NVD: CVE-2019-1970

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190807-ftd-bypass	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1970	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1970	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.2996/	Trust: 0.6

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563 // NVD: CVE-2019-1970

CREDITS

This vulnerability was found by Santosh Krishnamurthy of Cisco during internal security testing.

Trust: 0.6

sources: CNNVD: CNNVD-201908-563

SOURCES

db:	VULHUB	id:	VHN-152172
db:	JVNDB	id:	JVNDB-2019-007623
db:	CNNVD	id:	CNNVD-201908-563
db:	NVD	id:	CVE-2019-1970

LAST UPDATE DATE

2024-08-14T15:33:54.711000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-152172	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-007623	date:	2019-08-16T00:00:00
db:	CNNVD	id:	CNNVD-201908-563	date:	2019-08-21T00:00:00
db:	NVD	id:	CVE-2019-1970	date:	2019-10-09T23:48:43.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-152172	date:	2019-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2019-007623	date:	2019-08-16T00:00:00
db:	CNNVD	id:	CNNVD-201908-563	date:	2019-08-07T00:00:00
db:	NVD	id:	CVE-2019-1970	date:	2019-08-08T08:15:12.960