CVE-2019-1695
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.
Una vulnerabilidad en el motor de detección del software Adaptive Security Appliance (ASA) de Cisco y el software Firepower Threat Defense (FTD) de Cisco, podría permitir que un atacante adyacente no identificado envíe datos directamente hacia el kernel de un dispositivo afectado. La vulnerabilidad se presenta porque el software filtra incorrectamente las tramas de Ethernet enviadas a un dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad mediante el envío de paquetes creados a la interfaz de administración de un dispositivo afectado. Una operación con éxito podría permitir al atacante omitir los filtros de Capa 2 (L2) y enviar datos directamente hacia el kernel del dispositivo afectado. Una trama maliciosa entregada con éxito haría que el dispositivo de destino generara una entrada syslog específica.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-12-06 CVE Reserved
- 2019-05-03 CVE Published
- 2024-09-23 EPSS Updated
- 2024-11-21 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-284: Improper Access Control
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/108173 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | < 9.8.4 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " < 9.8.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | < 9.8.4 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " < 9.8.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | < 9.8.4 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " < 9.8.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | < 9.8.4 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " < 9.8.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.3.0 < 6.3.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.3.0 < 6.3.0.3" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.3.0 < 6.3.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.3.0 < 6.3.0.3" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.3.0 < 6.3.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.3.0 < 6.3.0.3" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.3.0 < 6.3.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.3.0 < 6.3.0.3" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.9 < 9.9.2.50 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.9 < 9.9.2.50" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.9 < 9.9.2.50 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.9 < 9.9.2.50" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.9 < 9.9.2.50 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.9 < 9.9.2.50" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.9 < 9.9.2.50 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.9 < 9.9.2.50" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.10 < 9.10.1.17 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.10 < 9.10.1.17" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.10 < 9.10.1.17 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.10 < 9.10.1.17" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.10 < 9.10.1.17 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.10 < 9.10.1.17" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.10 < 9.10.1.17 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.10 < 9.10.1.17" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|