CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-1696 – Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-1696
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el motor de detección del preprocesador del Protocolo Server Message Block (SMB) para el software Firepower Threat Defense (FTD) Cisco, podrían permitir a un atacante no identificado, adyacente o remoto, causar una condición de Denegación de Servicio (DoS). Para más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso. • http://www.securityfocus.com/bid/108171 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1687 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1687
A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition. Una vulnerabilidad en la funcionalidad de proxy TCP para el software Adaptive Security Appliance (ASA) de Cisco y el software Firepower Threat Defense (FTD) de Cisco, podría permitir que un atacante remoto no identificado cause que el dispositivo se reinicie inesperadamente, dando como resultado una condición de Denegación de Servicio (DoS) . • http://www.securityfocus.com/bid/108176 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15462 – Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15462
A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient ingress TCP rate limiting for TCP ports 22 (SSH) and 443 (HTTPS). An attacker could exploit this vulnerability by sending a crafted, steady stream of TCP traffic to port 22 or 443 on the data interfaces that are configured with management access to the affected device. Una vulnerabilidad en el controlador de ingreso de TCP para las interfaces de datos que están configuradas con acceso de administración al programa Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado provoque un aumento en el uso de la CPU y la memoria, dando como resultado una denegación de servicio( DoS) condición. La vulnerabilidad se debe a una limitación de la tasa de TCP de ingreso insuficiente para los puertos TCP 22 (SSH) y 443 (HTTPS). • http://www.securityfocus.com/bid/108178 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-firepower-dos • CWE-399: Resource Management Errors CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2018-15388 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-15388
A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for existing WebVPN login operations. An attacker could exploit this vulnerability by sending multiple WebVPN login requests to the device. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition. Una vulnerabilidad en el proceso de inicio de sesión (login) en la WebVPN de los software Adaptive Security Appliance (ASA) y Firepower Threat Defense (FTD) de Cisco, podría permitir que un atacante remoto no identificado cause un aumento en la utilización de la CPU en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-sd-cpu-dos • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-1691 – Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1691
A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected. • http://www.securityfocus.com/bid/107099 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos • CWE-20: Improper Input Validation CWE-755: Improper Handling of Exceptional Conditions •