CVE-2019-1873

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the cryptographic driver could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header. An attacker could exploit this vulnerability by sending a crafted TLS/SSL packet to an interface on the targeted device, resulting in a denial of service (DoS) condition. This vulnerability affects systems configured in routed and transparent firewall mode and in single or multiple context mode, and can be triggered by IPv4 and IPv6 traffic. A valid SSL or TLS session is required to exploit this vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.