CVE-2019-1832

A vulnerability in the detection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies. The vulnerability is due to improper validation of ICMP packets. An attacker could exploit this vulnerability by sending crafted ICMP packets to the affected device. A successful exploit could allow the attacker to bypass configured access control policies.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:firepower_management_center:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:6.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:6.2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:6.2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:6.4.0:*:*:*:*:*:*:*

History

21 Nov 2024, 04:37

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : 7.5
v2 : 5.0
v3 : 5.8
References () http://www.securityfocus.com/bid/108340 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/108340 - Third Party Advisory, VDB Entry
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-ftdde-poly-bypass - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-ftdde-poly-bypass - Vendor Advisory

Information

Published : 2019-05-16 02:29

Updated : 2024-11-21 04:37


NVD link : CVE-2019-1832

Mitre link : CVE-2019-1832

CVE.ORG link : CVE-2019-1832


JSON object : View

Products Affected

cisco

  • firepower_management_center
CWE
CWE-693

Protection Mechanism Failure