PT-2019-15954 · Cisco · Cisco Firepower Services Software For Asa+2
Published
2019-11-05
·
Updated
2024-11-26
·
CVE-2019-1978
CVSS v3.1
5.8
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Firepower Threat Defense Software (affected versions not specified)
Cisco FirePOWER Services Software for ASA (affected versions not specified)
Cisco Firepower Management Center Software (affected versions not specified)
Description
A vulnerability in the stream reassembly component could allow an unauthenticated, remote attacker to bypass filtering protections. This is due to improper reassembly of traffic streams. An attacker could exploit this by sending crafted streams through an affected device, potentially allowing them to bypass filtering and deliver malicious requests to protected systems.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Firepower Services Software For Asa
Cisco Firepower Management Center
Cisco Ftd