CVE-2019-1669 — Protection Mechanism Failure in Cisco Firepower Threat Defense Software

CWE-693 — Protection Mechanism Failure4 documents4 sources

Severity

8.6HIGHNVD

EPSS

0.6%

top 31.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense Software Cisco Firepower Threat Defense

Timeline

PublishedJan 24

Latest updateMay 13

Description

A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploi…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_threat_defense_softwaren/a

▶NVDcisco/firepower_threat_defense6.3.0, 6.4.0+1

🔴Vulnerability Details

GHSA

GHSA-p2rm-qhff-72qf: A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attack↗2022-05-13

▶

CVEList

Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability↗2019-01-24

▶

📋Vendor Advisories

Cisco

Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability↗2019-01-23

▶