CVE-2019-12700

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense (FTD) Software (affected versions not specified) Cisco Firepower Management Center (FMC) Software (affected versions not specified) Cisco FXOS Software (affected versions not specified)

Description A vulnerability in the configuration of the Pluggable Authentication Module (PAM) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The issue is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins, potentially exhausting system resources and causing the device to reload.

Recommendations For Cisco Firepower Threat Defense (FTD) Software, restrict access to the PAM module to minimize the risk of exploitation. For Cisco Firepower Management Center (FMC) Software, consider disabling simultaneous SSH logins until a fix is available. For Cisco FXOS Software, limit the number of concurrent user sessions to prevent resource exhaustion. At the moment, there is no information about a newer version that contains a fix for this vulnerability.