CVE-2019-12678

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software (affected versions not specified) Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the Session Initiation Protocol (SIP) inspection module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The issue is due to improper parsing of SIP messages. An attacker could exploit this by sending a malicious SIP packet, potentially triggering an integer underflow and causing the software to crash.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco Firepower Threat Defense (FTD) Software, at the moment, there is no information about a newer version that contains a fix for this vulnerability.