CVE-2019-1981

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense Software (affected versions not specified) Cisco FirePOWER Services Software for ASA (affected versions not specified) Cisco Firepower Management Center Software (affected versions not specified)

Description The issue is caused by errors in normalizing text content commands, specifically related to the detection of obfuscated NULL characters. This could allow a remote attacker to bypass configured content filters and impact the integrity of protected information. An attacker could exploit this by sending traffic with specifically obfuscated payloads through an affected device, potentially delivering malicious payloads to protected systems that would otherwise be blocked.

Recommendations For Cisco Firepower Threat Defense Software, consider temporarily restricting the use of the text normalization functionality until a patch is available. For Cisco FirePOWER Services Software for ASA, restrict access to the affected normalization module to minimize the risk of exploitation. For Cisco Firepower Management Center Software, avoid using the vulnerable normalization functionality in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.