First published: Wed May 01 2019
A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to an error in TCP-based packet inspection, which could cause the TCP packet to have an invalid Layer 2 (L2)-formatted header. An attacker could exploit this vulnerability by sending a crafted TCP packet sequence to the targeted device. A successful exploit could allow the attacker to cause a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftdtcp-dos
Credit: This vulnerability was found during the resolution of a Cisco TAC support case.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco ASA Software | 9.10 releases earlier than 9.10.1.17 | 9.10.1.17 |
Cisco ASA Software | 9.7, 9.8 and 9.9 releases earlier than 9.9.2.50 | 9.9.2.50 |
Cisco ASA Software | 9.6 releases earlier than 9.6.4.25 | 9.6.4.25 |
Cisco ASA Software | 9.5 (no fixed release in this train) | 9.6.4.25 |
Cisco ASA Software | 9.4 releases earlier than 9.4.4.34 | 9.4.4.34 |
Cisco ASA Software | Prior to 9.4 (no fixed release in these trains) | 9.4.4.34 |
Cisco FTD Software | 6.2.3 releases earlier than 6.2.3.12 | 6.2.3.12 |
Cisco FTD Software | 6.2.2 (no fixed release in this train) | 6.2.3.12 |
Cisco FTD Software | 6.2.1 (no fixed release in this train) | 6.2.3.12 |
Cisco FTD Software | 6.2.0 (no fixed release in this train) | 6.2.3.12 |
Cisco FTD Software | 6.1.0 (no fixed release in this train) | 6.2.3.12 |
Cisco FTD Software | 6.0.1 (no fixed release in this train) | 6.2.3.12 |
Cisco FTD Software | 6.0 (no fixed release in this train) | 6.2.3.12 |
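Because there is no workaround, the only useful action is to find every ASA and FTD device still running an affected release and schedule the upgrade. The script below is an added example, not code from Cisco or from this page: it transcribes the fix table above into version ranges, normalises the `9.8(2)20` style that the ASA `show version` banner uses into a comparable tuple, and reports whether a device is inside an affected range and which release closes it. The two `show version` line shapes it parses, and the sample banners, are constructed for the example and are assumptions about CLI output rather than text from the advisory; a version outside every listed range (already fixed, or a train the table does not mention) is reported as not listed rather than as safe.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, ...]

# Vulnerable ranges transcribed from the fix table on this page:
# (product, first vulnerable version inclusive, first fixed version exclusive,
#  release to upgrade to). Where the table gives no fixed release inside the
# affected train (ASA 9.5 and anything prior to 9.4) the upper bound is the
# start of the next train and the fix is the release in the later train.
RANGES = [
    ("ASA", (9, 10), (9, 10, 1, 17), "9.10.1.17"),
    ("ASA", (9, 7), (9, 9, 2, 50), "9.9.2.50"),
    ("ASA", (9, 6), (9, 6, 4, 25), "9.6.4.25"),
    ("ASA", (9, 5), (9, 6), "9.6.4.25"),
    ("ASA", (0,), (9, 4), "9.4.4.34"),
    ("ASA", (9, 4), (9, 4, 4, 34), "9.4.4.34"),
    ("FTD", (6, 0), (6, 2, 3, 12), "6.2.3.12"),
]

# Matches '9.8.2.20', '6.2.3' and the ASA banner form '9.8(2)20'.
VERSION_TOKEN = r"(\d+(?:\.\d+)*(?:\(\d+\)\d*)?)"


def parse_version(text: str) -> Version:
    """Normalise a release string into a tuple of ints so that ordinary
    tuple comparison orders releases ((9, 8) < (9, 8, 2, 20) < (9, 9))."""
    m = re.fullmatch(VERSION_TOKEN, text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in re.findall(r"\d+", m.group(1)))


def extract_product_version(show_version: str) -> Tuple[str, Version]:
    """Pull product and release out of 'show version' text.
    The two banner shapes below are assumptions about the CLI output
    (hypothetical for this example), not text from the advisory."""
    m = re.search(r"Adaptive Security Appliance Software Version\s+" + VERSION_TOKEN,
                  show_version)
    if m:
        return "ASA", parse_version(m.group(1))
    m = re.search(r"Threat Defense.*?Version\s+" + VERSION_TOKEN, show_version)
    if m:
        return "FTD", parse_version(m.group(1))
    raise ValueError("neither an ASA nor an FTD 'show version' banner found")


def assess(product: str, version: Version) -> Tuple[bool, Optional[str]]:
    """Return (vulnerable, release_to_upgrade_to).
    (False, None) means the release is outside every range on this page:
    either already fixed, or a train the table does not list."""
    for prod, lo, hi, fix in RANGES:
        if prod == product and lo <= version < hi:
            return True, fix
    return False, None


def check_device(show_version: str) -> Tuple[str, str, bool, Optional[str]]:
    """Parse one device's 'show version' output and assess it."""
    product, version = extract_product_version(show_version)
    vulnerable, fix = assess(product, version)
    return product, ".".join(map(str, version)), vulnerable, fix


# Constructed sample banners for the example (not captured from real devices).
SAMPLE_ASA = """\
Cisco Adaptive Security Appliance Software Version 9.8(2)20
Firepower Extensible Operating System Version 2.2(2.52)
Device Manager Version 7.8(2)
"""
SAMPLE_FTD = """\
--------------------[ ftd ]---------------------
Model                     : Cisco ASA5516-X Threat Defense (75) Version 6.2.3 (Build 83)
UUID                      : 00000000-0000-0000-0000-000000000000
"""

if __name__ == "__main__":
    for sample in (SAMPLE_ASA, SAMPLE_FTD):
        product, version, vulnerable, fix = check_device(sample)
        status = (f"affected, upgrade to {fix}" if vulnerable
                  else "not in an affected range listed on this page")
        print(f"{product} {version}: {status}")
```

Run it against the stored `show version` output of each device in your inventory; a 9.8(2)20 ASA lands in the 9.7 to 9.9 range and is told to go to 9.9.2.50, while 9.6.4.25 or 9.10.1.17 is reported as outside the affected ranges. Versions newer than those in the table come back as not listed, which is a prompt to check the Cisco advisory rather than a clean bill of health.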
Severity: cisco-sa-20190501-asa-ftdtcp-dos is considered High; a successful exploit makes the affected device restart unexpectedly, which is a denial of service.
Fix: upgrade Cisco ASA Software or Cisco FTD Software to the fixed release for your train listed in the table above. There is no workaround.
Affected products: Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software running the versions listed above.
Exploitability: the vulnerability can be triggered by an unauthenticated, remote attacker who can send a crafted TCP packet sequence to the device's TCP proxy functionality.