First published: Fri May 03 2019
A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | | |
Any of | | |
Cisco Adaptive Security Appliance Software | <9.8.4 | |
Cisco Firepower Threat Defense | >=6.2.1 <6.2.3.12 | |
Cisco Firepower Threat Defense | >=6.3.0 <6.3.0.3 | |
Cisco Adaptive Security Appliance Software | >=9.9 <9.9.2.50 | |
Cisco Adaptive Security Appliance Software | >=9.10 <9.10.1.17 | |
Any of | | |
Cisco Firepower 2110 | | |
Cisco Firepower 2120 | | |
Cisco Firepower 2130 | | |
Cisco Firepower 2140 | | |
The vulnerability ID of this Cisco ASA and FTD vulnerability is CVE-2019-1695.
The severity level of CVE-2019-1695 is medium with a severity value of 6.5.
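Cisco Adaptive Security Appliance (ASA) Software versions earlier than 9.8.4, 9.9 releases earlier than 9.9.2.50 and 9.10 releases earlier than 9.10.1.17, and Cisco Firepower Threat Defense (FTD) Software versions from 6.2.1 up to but not including 6.2.3.12 and from 6.3.0 up to but not including 6.3.0.3, are affected by CVE-2019-1695.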
CVE-2019-1695 is a vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.
An unauthenticated, adjacent attacker can exploit CVE-2019-1695 by sending crafted packets to the management interface of an affected device, which bypasses the Layer 2 (L2) filters and delivers data directly to the kernel of the device.