PT-2019-3169 · Cisco · Cisco Firepower Services Software For Asa+2

Published 2019-08-16 · Updated 2024-11-26 · CVE-2019-1980

CVSS v3.1 5.8 Medium

Vector AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Firepower Threat Defense Software (affected versions not specified)
Cisco FirePOWER Services Software for ASA (affected versions not specified)
Cisco Firepower Management Center Software (affected versions not specified)

Description

A vulnerability in the protocol detection component could allow an unauthenticated, remote attacker to bypass filtering protections. The issue is due to improper detection of the initial use of a protocol on a nonstandard port. An attacker could exploit this by sending traffic on a nonstandard port for the protocol in use through an affected device, potentially delivering malicious requests to protected systems that would otherwise be blocked.

Recommendations

For Cisco Firepower Threat Defense Software, update the protocol detection component to properly handle nonstandard ports. For Cisco FirePOWER Services Software for ASA, ensure that the applied policy correctly configures the handling of protocol flows on nonstandard ports. For Cisco Firepower Management Center Software, review and adjust the network administration settings to minimize the risk of exploitation. As a temporary workaround, consider restricting traffic on nonstandard ports to minimize the risk of bypassing filtering protections.

Fix

Weakness Enumeration

Improper Authentication

Related Identifiers

BDU:2019-03158
CVE-2019-1980

Affected Products

Cisco Firepower Services Software For Asa
Cisco Firepower Management Center
Cisco Ftd