PT-2019-1502 · Cisco · Cisco Firepower 9000 Series

Published: 2019-02-20 · Updated: 2019-10-09 · CVE-2019-1700

CVSS v3.1: 6.1 Medium

Vector: AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Firepower 9000 Series version 2.2

Description

A logic error in the field-programmable gate array (FPGA) related to the processing of different types of input packets could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. An attacker could exploit this by sending a crafted sequence of input packets to a specific interface on an affected device, causing a queue wedge condition on the interface, which would stop the device from processing any additional packets received on the wedged interface.

Recommendations

For version 2.2, manual intervention may be required to resume normal operations after a successful exploit. As a temporary workaround, consider restricting access to the affected interface until a fix is available.

Fix

Weakness Enumeration

Related Identifiers

BDU:2019-00944
CVE-2019-1700

Affected Products

Cisco Firepower 9000 Series