CVE-2019-1833 — Protection Mechanism Failure in Cisco Firepower Threat Defense Software

CWE-693 — Protection Mechanism Failure5 documents5 sources

Severity

5.8MEDIUMNVD

EPSS

0.2%

top 52.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense Software Cisco Secure Firewall Management Center

Timeline

PublishedMay 16

Latest updateMay 24

Description

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS packet header. An attacker could exploit this vulnerability by sending malicious TLS messages to the affected system. A successful exploit could allow the attacker to bypass the configured policies …

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_threat_defense_softwareunspecified — n/a

▶NVDcisco/secure_firewall_management_center5 versions+4

🔴Vulnerability Details

GHSA

GHSA-6ffw-22x4-4x3r: A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software coul↗2022-05-24

▶

CVEList

Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability↗2019-05-16

▶

📋Vendor Advisories

Cisco

Cisco Firepower Threat Defense Software SSL/TLS Policy Bypass Vulnerability↗2019-05-15

▶

💬Community

Bugzilla

CVE-2018-1131 infinispan: deserialization of data in XML and JSON transcoders↗2018-05-09

▶