CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2019-1697 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1697
03 May 2019 — A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, usi... • http://www.securityfocus.com/bid/108182 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 1%CPEs: 19EXPL: 0CVE-2019-1694 – Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1694
03 May 2019 — A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow... • http://www.securityfocus.com/bid/108160 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2019-1695 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1695
03 May 2019 — A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could al... • http://www.securityfocus.com/bid/108173 • CWE-284: Improper Access Control •
CVSS: 7.7EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1693 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1693
03 May 2019 — A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper management of authenticated sessions in the WebVPN portal. An attacker could exploit this vulnerability by authenticating with valid credentials and accessing a specific URL in the WebVPN portal. A successful exploit coul... • http://www.securityfocus.com/bid/108157 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1687 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1687
03 May 2019 — A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted T... • http://www.securityfocus.com/bid/108176 • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15462 – Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15462
03 May 2019 — A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to por... • http://www.securityfocus.com/bid/108178 • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1669 – Cisco Firepower Threat Defense Software Packet Inspection and Enforcement Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1669
24 Jan 2019 — A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The vulnerability exists because the affected software improperly manages system memory resources when inspecting traffic. An attacker could exploit this vulnerability by generating specific traffic patterns for the software to inspect. A successful exploit could allo... • http://www.securityfocus.com/bid/106721 • CWE-693: Protection Mechanism Failure •