CVE-2019-1669

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the data acquisition (DAQ) component could allow an unauthenticated, remote attacker to bypass configured access control policies or cause a denial of service (DoS) condition. The issue exists because the software improperly manages system memory resources when inspecting traffic. An attacker could exploit this by generating specific traffic patterns for the software to inspect, potentially exhausting system memory resources used for traffic inspection. Depending on the configuration, the software could fail open and cease to inspect traffic or fail closed and result in a DoS condition. This may require manual intervention to restore the software.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.