CVE-2019-1691

Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability

Description

A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause the unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to the incomplete error handling of the SSL or TLS packet header during the connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. An exploit could allow the attacker to cause the SNORT detection engine to unexpectedly restart, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected.

References

Link	Tags
http://www.securityfocus.com/bid/107099	third party advisory vdb entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2019-1691?: CVE-2019-1691 has been scored as a medium severity vulnerability.
How to fix CVE-2019-1691?: To fix CVE-2019-1691, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2019-1691 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2019-1691 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2019-1691?: CVE-2019-1691 affects Cisco Cisco Firepower Threat Defense Software.

Description

Categories

CWE-20 – Improper Input Validation

CWE-755 – Improper Handling of Exceptional Conditions

References

Frequently Asked Questions