CVE-2019-1832 — Protection Mechanism Failure in Cisco Firepower Threat Defense Software

CWE-693 — Protection Mechanism Failure4 documents4 sources

Severity

7.5HIGHNVD

CNA5.8

EPSS

0.1%

top 69.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense Software Cisco Secure Firewall Management Center

Timeline

PublishedMay 16

Latest updateMay 24

Description

A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A successful exploit could allow the attacker to bypass configured access control policies.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_threat_defense_softwareunspecified — n/a

▶NVDcisco/secure_firewall_management_center6 versions+5

🔴Vulnerability Details

GHSA

GHSA-6h59-64rj-g8fp: A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass con↗2022-05-24

▶

CVEList

Cisco Firepower Threat Defense Software Detection Engine Policy Bypass Vulnerability↗2019-05-16

▶

📋Vendor Advisories

Cisco

Cisco Firepower Threat Defense Software Detection Engine Policy Bypass Vulnerability↗2019-05-15

▶