CVE-2019-1704 – Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2019-1704
Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory. Las múltiples vulnerabilidades en el motor de detección del preprocesador de Protocolo Server Message Block (SMB) para el software Firepower Threat Defense (FTD) de Cisco, podrían permitir que un atacante no autenticado, adyacente o remoto genere una condición de Denegación de Servicio (DoS). Para más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso. • http://www.securityfocus.com/bid/108171 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-smb-snort • CWE-400: Uncontrolled Resource Consumption •
CVE-2019-1699 – Cisco Firepower Threat Defense Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2019-1699
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting commands into arguments for a specific command. A successful exploit could allow the attacker to execute commands with root privileges. Una vulnerabilidad en la CLI del software Firepower Threat Defense (FTD) de Cisco, podría permitir a un atacante local identificado ejecutar un ataque de inyección de comando. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-ftd-cmd-inject • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-1697 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1697
A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of LDAP packets sent to an affected device. An attacker could exploit these vulnerabilities by sending a crafted LDAP packet, using Basic Encoding Rules (BER), to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Una vulnerabilidad en la implementación de la función del Lightweight Directory Access Protocol (LDAP) en el software Cisco Adaptive Security Appliance (ASA) y en el software Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado provoque la recarga de un dispositivo afectado, lo que resulta en una Condición de denegación de servicio (DoS). • http://www.securityfocus.com/bid/108182 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftds-ldapdos • CWE-20: Improper Input Validation •
CVE-2019-1694 – Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP Timer Handling Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1694
A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper handling of TCP traffic. An attacker could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device. A successful exploit could allow the attacker to temporarily disrupt traffic through the device while it reboots. Una vulnerabilidad en el TCP processing engine of Cisco Adaptive Security Appliance (ASA) el Programa y Cisco Firepower Threat Defense (FTD) El programa podría permitir que un atacante remoto no autenticado provoque la recarga de un dispositivo afectado, lo que provocaría una condición de denegación de servicio(DoS). • http://www.securityfocus.com/bid/108160 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-frpwrtd-dos • CWE-20: Improper Input Validation •
CVE-2019-1695 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2019-1695
A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry. • http://www.securityfocus.com/bid/108173 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass • CWE-284: Improper Access Control •