First published: Tue Nov 05 2019(Updated: )
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper handling of HTTP requests, including those communicated over a secure HTTPS connection, that contain maliciously crafted headers. An attacker could exploit this vulnerability by sending malicious requests to an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems, allowing attackers to deliver malicious content that would otherwise be blocked.
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Firepower Management Center | =2.9.13 | |
Cisco Firepower Management Center | =2.9.14.0 | |
Cisco Firepower Management Center | =3.0.0 | |
Cisco FirePOWER Services Software for ASA | ||
Cisco Firepower Threat Defense | ||
Cisco Secure Firewall Management Center | =2.9.13 | |
Cisco Secure Firewall Management Center | =2.9.14.0 | |
Cisco Secure Firewall Management Center | =3.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1982 is a vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software that allows an unauthenticated, remote attacker to bypass filtering protections.
The severity of CVE-2019-1982 is medium, with a CVSS score of 5.3.
An attacker can exploit CVE-2019-1982 by sending specially crafted HTTP traffic that bypasses filtering protections.
CVE-2019-1982 affects Cisco Firepower Threat Defense Software versions 2.9.13, 2.9.14.0, and 3.0.0, as well as Cisco FirePOWER Services Software for ASA.
Yes, Cisco has released patches and software updates to address the vulnerability. Refer to the Cisco Security Advisory for more information.