ID

VAR-201908-0841


CVE

CVE-2019-1970


TITLE

Cisco Firepower Threat Defense software vulnerability related to failure of protection mechanism

Trust: 0.8

sources: JVNDB: JVNDB-2019-007623

DESCRIPTION

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. Cisco Firepower Threat Defense (FTD) software is vulnerable to a defect in the protection mechanism. Information may be tampered with.

Trust: 1.71

sources: NVD: CVE-2019-1970 // JVNDB: JVNDB-2019-007623 // VULHUB: VHN-152172

AFFECTED PRODUCTS

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.4.1

Trust: 1.0

vendor: cisco, model: firepower management center, scope: eq, version: 6.4.0

Trust: 1.0

vendor: cisco, model: firepower management center, scope: eq, version: 6.3.0

Trust: 1.0

vendor: cisco, model: firepower management center, scope: -, version: -

Trust: 0.8

vendor: cisco, model: firepower threat defense software, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-007623 // NVD: CVE-2019-1970

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-1970
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2019-1970
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-1970
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201908-563
value: HIGH

Trust: 0.6

VULHUB: VHN-152172
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-1970
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-152172
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-1970
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

ykramarz@cisco.com: CVE-2019-1970
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563 // NVD: CVE-2019-1970 // NVD: CVE-2019-1970

PROBLEMTYPE DATA

problemtype: CWE-693

Trust: 1.9

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // NVD: CVE-2019-1970

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201908-563

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201908-563

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-007623

PATCH

title: cisco-sa-20190807-ftd-bypass, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-ftd-bypass

Trust: 0.8

title: Cisco Firepower Threat Defense Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96260

Trust: 0.6

sources: JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563

EXTERNAL IDS

db: NVD, id: CVE-2019-1970

Trust: 2.5

db: JVNDB, id: JVNDB-2019-007623

Trust: 0.8

db: CNNVD, id: CNNVD-201908-563

Trust: 0.7

db: AUSCERT, id: ESB-2019.2996

Trust: 0.6

db: VULHUB, id: VHN-152172

Trust: 0.1

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563 // NVD: CVE-2019-1970

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190807-ftd-bypass

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-1970

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1970

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2019.2996/

Trust: 0.6

sources: VULHUB: VHN-152172 // JVNDB: JVNDB-2019-007623 // CNNVD: CNNVD-201908-563 // NVD: CVE-2019-1970

CREDITS

This vulnerability was found by Santosh Krishnamurthy of Cisco during internal security testing.

Trust: 0.6

sources: CNNVD: CNNVD-201908-563

SOURCES

db: VULHUB, id: VHN-152172
db: JVNDB, id: JVNDB-2019-007623
db: CNNVD, id: CNNVD-201908-563
db: NVD, id: CVE-2019-1970

LAST UPDATE DATE

2024-08-14T15:33:54.711000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-152172, date: 2019-10-09T00:00:00
db: JVNDB, id: JVNDB-2019-007623, date: 2019-08-16T00:00:00
db: CNNVD, id: CNNVD-201908-563, date: 2019-08-21T00:00:00
db: NVD, id: CVE-2019-1970, date: 2019-10-09T23:48:43.490

SOURCES RELEASE DATE

db: VULHUB, id: VHN-152172, date: 2019-08-08T00:00:00
db: JVNDB, id: JVNDB-2019-007623, date: 2019-08-16T00:00:00
db: CNNVD, id: CNNVD-201908-563, date: 2019-08-07T00:00:00
db: NVD, id: CVE-2019-1970, date: 2019-08-08T08:15:12.960