CVSS: 8.6EPSS: 0%CPEs: 13EXPL: 0CVE-2019-1708 – Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software MOBIKE Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1708
A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to the incorrect processing of certain MOBIKE packets. An attacker could exploit this vulnerability by sending crafted MOBIKE packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. The MOBIKE feature is supported only for IPv4 addresses. • http://www.securityfocus.com/bid/108166 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-ike-dos • CWE-401: Missing Release of Memory after Effective Lifetime CWE-404: Improper Resource Shutdown or Release •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-1709 – Cisco Firepower Threat Defense Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1709
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges. "Una vulnerabilidad en la CLI del software Firepower Threat Defense (FTD) de Cisco podría permitir a un atacante local identificado ejecutar un ataque de inyección de comando. • http://www.securityfocus.com/bid/108156 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-cmd-inj • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.8EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1701 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-1701
Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. The vulnerabilities exist because the software insufficiently validates user-supplied input on an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. An attacker would need administrator privileges on the device to exploit these vulnerabilities. • http://www.securityfocus.com/bid/108152 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.6EPSS: 0%CPEs: 5EXPL: 0CVE-2019-1703 – Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1703
A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually. • http://www.securityfocus.com/bid/108170 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-1704 – Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-1704
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Las múltiples vulnerabilidades en el motor de detección del preprocesador de Protocolo Server Message Block (SMB) para el software Firepower Threat Defense (FTD) de Cisco, podrían permitir que un atacante no autenticado, adyacente o remoto genere una condición de Denegación de Servicio (DoS). Para más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso. • http://www.securityfocus.com/bid/108171 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort • CWE-400: Uncontrolled Resource Consumption •