Details of VAR-201910-0368

ID

VAR-201910-0368

CVE

CVE-2019-12696

TITLE

Cisco Firepower System Software input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-010477

DESCRIPTION

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory. Cisco Firepower System The software contains an input validation vulnerability.Information may be tampered with. Cisco Firepower System中的检测引擎存在安全漏洞，该漏洞源于对RTF文件内容的错误检测。远程攻击者可通过发送恶意的RTF文件利用该漏洞绕过对RTF文件类型所配置的恶意软件和文件策略。以下产品及版本受到影响：3000 Series Industrial Security Appliances (ISAs)；Adaptive Security Appliance (ASA) 5500-X Series Firewalls；ASA 5500-X Series with FirePOWER Services；Advanced Malware Protection (AMP) for Networks for FirePOWER 7000 Series Appliances；AMP for Networks for FirePOWER 8000 Series Appliances；Firepower 2100 Series；Firepower 4100 Series；Firepower 1000 Series Appliances；FirePOWER 7000 Series Appliances；FirePOWER 8000 Series Appliances；Firepower 9300 Security Appliances；Firepower Threat Defense for Integrated Services Routers (ISRs)；FTD Virtual (FTDv)；Next-Generation Intrusion Prevention System (NGIPS)

Trust: 2.25

sources: NVD: CVE-2019-12696 // JVNDB: JVNDB-2019-010477 // CNNVD: CNNVD-201910-148 // VULHUB: VHN-144468

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower	scope:	eq	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower	scope:	eq	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	firepower	scope:	eq	version:	6.2.3.1	Trust: 1.0
vendor:	cisco	model:	firepower	scope:	eq	version:	6.2.3.7	Trust: 1.0
vendor:	cisco	model:	firepower system software	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2019-010477 // NVD: CVE-2019-12696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-12696
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12696
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-12696
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201910-148
value:	HIGH
Trust: 0.6
VULHUB:	VHN-144468
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-12696
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-144468
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-12696
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2019-12696
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	CVE-2019-12696
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-144468 // JVNDB: JVNDB-2019-010477 // CNNVD: CNNVD-201910-148 // NVD: CVE-2019-12696 // NVD: CVE-2019-12696

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-693	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-144468 // JVNDB: JVNDB-2019-010477 // NVD: CVE-2019-12696

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201910-148

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201910-148

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-010477

PATCH

title:	cisco-sa-20191002-firepwr-bypass	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass	Trust: 0.8
title:	Cisco Firepower System Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=98883	Trust: 0.6

sources: JVNDB: JVNDB-2019-010477 // CNNVD: CNNVD-201910-148

EXTERNAL IDS

db:	NVD	id:	CVE-2019-12696	Trust: 2.5
db:	JVNDB	id:	JVNDB-2019-010477	Trust: 0.8
db:	CNNVD	id:	CNNVD-201910-148	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.3729	Trust: 0.6
db:	VULHUB	id:	VHN-144468	Trust: 0.1

sources: VULHUB: VHN-144468 // JVNDB: JVNDB-2019-010477 // CNNVD: CNNVD-201910-148 // NVD: CVE-2019-12696

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20191002-firepwr-bypass	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-12696	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-12696	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2019.3729/	Trust: 0.6

sources: VULHUB: VHN-144468 // JVNDB: JVNDB-2019-010477 // CNNVD: CNNVD-201910-148 // NVD: CVE-2019-12696

CREDITS

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Trust: 0.6

sources: CNNVD: CNNVD-201910-148

SOURCES

db:	VULHUB	id:	VHN-144468
db:	JVNDB	id:	JVNDB-2019-010477
db:	CNNVD	id:	CNNVD-201910-148
db:	NVD	id:	CVE-2019-12696

LAST UPDATE DATE

2024-11-23T22:11:48.550000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-144468	date:	2020-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2019-010477	date:	2019-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201910-148	date:	2020-10-09T00:00:00
db:	NVD	id:	CVE-2019-12696	date:	2024-11-21T04:23:22.890

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-144468	date:	2019-10-02T00:00:00
db:	JVNDB	id:	JVNDB-2019-010477	date:	2019-10-16T00:00:00
db:	CNNVD	id:	CNNVD-201910-148	date:	2019-10-02T00:00:00
db:	NVD	id:	CVE-2019-12696	date:	2019-10-02T19:15:13.547