CVE-2019-12701

Name of the Vulnerable Software and Affected Versions Cisco Firepower Management Center (FMC) Software (affected versions not specified)

Description The issue exists due to insufficient validation of incoming traffic, allowing a remote attacker to bypass file and malware inspection policies by sending a specially crafted HTTP request through the affected device. This could enable the attacker to send malicious traffic through the device, potentially compromising its security.

Recommendations For all affected versions, consider restricting access to the file and malware inspection feature until a patch is available. As a temporary workaround, consider disabling the feature that allows incoming traffic to bypass inspection policies. Avoid using the affected device to inspect files and malware until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.