Cisco Firepower Threat Defense Software vulnerabilities

170 known vulnerabilities affecting cisco/cisco_firepower_threat_defense_software.

Total CVEs: 170
CISA KEV: 4 (actively exploited)
Public exploits: 1
Exploited in wild: 4
Severity breakdown: CRITICAL 2, HIGH 82, MEDIUM 86

Vulnerabilities

Page 8 of 9
CVE-2020-3253 | MEDIUM | CVSS 6.7 | affected versions: n/a | published 2020-05-06
CWE-284. A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enab
Sources: cvelistv5, nvd

CVE-2020-3285 | MEDIUM | CVSS 5.8 | affected versions: n/a | published 2020-05-06
CWE-693. A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the co
Sources: cvelistv5, nvd

CVE-2020-3315 | MEDIUM | CVSS 5.3 | affected versions: n/a | published 2020-05-06
CWE-693. Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by se
Sources: cvelistv5, nvd

CVE-2019-1981 | MEDIUM | CVSS 5.8 | affected versions: >= unspecified, < n/a | published 2019-11-05
CWE-264. A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An atta
Sources: cvelistv5, nvd

CVE-2019-1980 | MEDIUM | CVSS 5.3 | affected versions: >= unspecified, < n/a | published 2019-11-05
CWE-264. A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper detection of the initial use of a protocol on a n
Sources: cvelistv5, nvd

CVE-2019-1978 | MEDIUM | CVSS 5.8 | PoC available | affected versions: >= unspecified, < n/a | published 2019-11-05
CWE-264. A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could e
Sources: cvelistv5, nvd

CVE-2019-12675 | HIGH | CVSS 8.8 | affected versions: >= unspecified, < n/a | published 2019-10-02
CWE-216. Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An a
Sources: cvelistv5, nvd

CVE-2019-12674 | HIGH | CVSS 8.2 | affected versions: >= unspecified, < n/a | published 2019-10-02
CWE-216. Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An a
Sources: cvelistv5, nvd

CVE-2019-12694 | MEDIUM | CVSS 6.7 | affected versions: >= unspecified, < n/a | published 2019-10-02
CWE-20. A vulnerability in the command line interface (CLI) of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerab
Sources: cvelistv5, nvd

CVE-2019-12627 | HIGH | CVSS 7.5 | affected versions: >= unspecified, < 6.4.0.4 | published 2019-08-21
CWE-284. A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to a
Sources: cvelistv5, nvd

CVE-2019-1970 | HIGH | CVSS 7.5 | affected versions: >= unspecified, < n/a | published 2019-08-08
CWE-693. A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker
Sources: cvelistv5, nvd

CVE-2019-1832 | HIGH | CVSS 7.5 | affected versions: >= unspecified, < n/a | published 2019-05-16
CWE-693. A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A succ
Sources: cvelistv5, nvd

CVE-2019-1833 | MEDIUM | CVSS 5.8 | affected versions: >= unspecified, < n/a | published 2019-05-16
CWE-693. A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol parser of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS packet header. An attacker could exploit this vulner
Sources: cvelistv5, nvd

CVE-2019-1704 | HIGH | CVSS 7.5 | affected versions: >= unspecified, < 6.2.3.12 | published 2019-05-03
CWE-400. Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd

CVE-2019-1699 | HIGH | CVSS 7.8 | affected versions: >= unspecified, < 6.2.3.12; >= unspecified, < 6.3.0.3 | published 2019-05-03
CWE-78. A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allo
Sources: cvelistv5, nvd

CVE-2019-1708 | HIGH | CVSS 8.6 | affected versions: >= unspecified, < 6.2.3.12; >= unspecified, < 6.3.0.3 | published 2019-05-03
CWE-404. A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (Do
Sources: cvelistv5, nvd

CVE-2019-1709 | HIGH | CVSS 7.8 | affected versions: >= unspecified, < 6.2.3.12 | published 2019-05-03
CWE-78. A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allo
Sources: cvelistv5, nvd

CVE-2019-1694 | HIGH | CVSS 8.6 | affected versions: >= unspecified, < 6.2.3.12; >= unspecified, < 6.3.0.3 | published 2019-05-03
CWE-20. A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An att
Sources: cvelistv5, nvd

CVE-2019-1696 | HIGH | CVSS 7.4 | affected versions: >= unspecified, < 6.2.3.12 | published 2019-05-03
CWE-400. Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.
Sources: cvelistv5, nvd

CVE-2019-1714 | HIGH | CVSS 8.6 | affected versions: >= unspecified, < 6.2.3.12; >= unspecified, < 6.3.0.3 | published 2019-05-03
CWE-255. A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN
Sources: cvelistv5, nvd