CVE-2019-1703

Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability

Severity Score

8.6

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error, which may prevent ingress buffers from being replenished under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to consume all input buffers, which are shared between all interfaces, leading to a queue wedge condition in all active interfaces. This situation would cause an affected device to stop processing any incoming traffic and result in a DoS condition until the device is reloaded manually.

Una vulnerabilidad en la funcionalidad interna de procesamiento de paquetes (packet-processing) del software Firepower Threat Defense (FTD) de Cisco para Firepower 2100 Series de Cisco, podría permitir que un atacante remoto no identificado cause que un dispositivo afectado detenga el procesamiento del tráfico, resultando una condición de Denegación de Servicio (DoS). La vulnerabilidad es debido a un error lógico, que puede evitar que los buffers de ingreso se repongan bajo condiciones de tráfico específicas. Un atacante podría aprovechar esta vulnerabilidad enviando una serie de paquetes creados a un dispositivo afectado. Una operación éxito podría permitir al atacante consumir todos los buffers de entrada, que se comparten entre todas las interfaces, lo que deriva a una condición de cola de segmentos en todas las interfaces activas. Esta situación causaría que un dispositivo afectado detenga el procesamiento del tráfico entrante y conlleva a una condición DoS hasta que el dispositivo vuelva a cargarse manualmente.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2018-12-06 CVE Reserved
2019-05-03 CVE Published
2024-09-23 EPSS Updated
2024-11-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/108170	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-frpwr-dos	2020-10-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense"	>= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 2110 Search vendor "Cisco" for product "Firepower 2110"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense"	>= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 2120 Search vendor "Cisco" for product "Firepower 2120"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense"	>= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 2130 Search vendor "Cisco" for product "Firepower 2130"	-	-	Safe
Cisco Search vendor "Cisco"	Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense"	>= 6.2.1 < 6.2.3.12 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.2.1 < 6.2.3.12"	-	Affected	in	Cisco Search vendor "Cisco"	Firepower 2140 Search vendor "Cisco" for product "Firepower 2140"	-	-	Safe