Details of VAR-201910-0327

ID

VAR-201910-0327

CVE

CVE-2019-12673

TITLE

Cisco Adaptive Security and Firepower Threat Defense Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010261

DESCRIPTION

A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device. Cisco Adaptive Security Appliances Software is a firewall and network security platform. The platform provides features such as highly secure access to data and network resources

Trust: 1.71

sources: NVD: CVE-2019-12673 // JVNDB: JVNDB-2019-010261 // VULHUB: VHN-144443

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.12.2.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance	scope:	lt	version:	9.6.4.34	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.10.1.30	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.8.4.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.9.2.56	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.2	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.4.2.11	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.1.7.4	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.2.4.8	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.4	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.3	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.5.2.5	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.4.4.37	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.5	Trust: 0.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	9.3.3.9	Trust: 0.6

sources: JVNDB: JVNDB-2019-010261 // CNNVD: CNNVD-201910-060 // NVD: CVE-2019-12673

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-12673
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12673
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-12673
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201910-060
value:	HIGH
Trust: 0.6
VULHUB:	VHN-144443
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-12673
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-144443
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-12673
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12673
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	CVE-2019-12673
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-144443 // JVNDB: JVNDB-2019-010261 // CNNVD: CNNVD-201910-060 // NVD: CVE-2019-12673 // NVD: CVE-2019-12673

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-119	Trust: 1.0

sources: VULHUB: VHN-144443 // JVNDB: JVNDB-2019-010261 // NVD: CVE-2019-12673

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201910-060

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010261

PATCH

title:	cisco-sa-20191002-asa-dos	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos	Trust: 0.8
title:	Cisco Adaptive Security Software and Cisco Firepower Threat Defense Software Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98797	Trust: 0.6

sources: JVNDB: JVNDB-2019-010261 // CNNVD: CNNVD-201910-060

EXTERNAL IDS

db:	NVD	id:	CVE-2019-12673	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-010261	Trust: 0.8
db:	CNNVD	id:	CNNVD-201910-060	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3698	Trust: 0.6
db:	VULHUB	id:	VHN-144443	Trust: 0.1

sources: VULHUB: VHN-144443 // JVNDB: JVNDB-2019-010261 // CNNVD: CNNVD-201910-060 // NVD: CVE-2019-12673

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-asa-dos	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12673	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12673	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.3698/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-ftp-inspection-30504	Trust: 0.6

sources: VULHUB: VHN-144443 // JVNDB: JVNDB-2019-010261 // CNNVD: CNNVD-201910-060 // NVD: CVE-2019-12673

SOURCES

db:	VULHUB	id:	VHN-144443
db:	JVNDB	id:	JVNDB-2019-010261
db:	CNNVD	id:	CNNVD-201910-060
db:	NVD	id:	CVE-2019-12673

LAST UPDATE DATE

2024-08-14T13:25:34.535000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-144443	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2019-010261	date:	2019-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201910-060	date:	2019-10-25T00:00:00
db:	NVD	id:	CVE-2019-12673	date:	2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-144443	date:	2019-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2019-010261	date:	2019-10-10T00:00:00
db:	CNNVD	id:	CNNVD-201910-060	date:	2019-10-02T00:00:00
db:	NVD	id:	CVE-2019-12673	date:	2019-10-02T19:15:12.077