CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1970

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors when handling specific SSL/TLS messages. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.4%

CVSS Severity

CVSS v3 Score 5.8

CVSS v2 Score 5.0

References

Products affected by CVE-2019-1970

Cisco » Firepower Threat Defense » Version: N/A

cpe:2.3:a:cisco:firepower_threat_defense:-
Cisco » Firepower Threat Defense » Version: 5.3.0

cpe:2.3:a:cisco:firepower_threat_defense:5.3.0
Cisco » Firepower Threat Defense » Version: 5.4.0

cpe:2.3:a:cisco:firepower_threat_defense:5.4.0
Cisco » Firepower Threat Defense » Version: 6.0

cpe:2.3:a:cisco:firepower_threat_defense:6.0
Cisco » Firepower Threat Defense » Version: 6.0.0

cpe:2.3:a:cisco:firepower_threat_defense:6.0.0
Cisco » Firepower Threat Defense » Version: 6.0.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.0.0.1
Cisco » Firepower Threat Defense » Version: 6.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1
Cisco » Firepower Threat Defense » Version: 6.0.1.1

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.1
Cisco » Firepower Threat Defense » Version: 6.0.1.2

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.2
Cisco » Firepower Threat Defense » Version: 6.0.1.3

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.3
Cisco » Firepower Threat Defense » Version: 6.0.1.4

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.4
Cisco » Firepower Threat Defense » Version: 6.1.0

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0
Cisco » Firepower Threat Defense » Version: 6.1.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.1
Cisco » Firepower Threat Defense » Version: 6.1.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2
Cisco » Firepower Threat Defense » Version: 6.1.0.3

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.3
Cisco » Firepower Threat Defense » Version: 6.1.0.4

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.4
Cisco » Firepower Threat Defense » Version: 6.1.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5
Cisco » Firepower Threat Defense » Version: 6.1.0.6

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.6
Cisco » Firepower Threat Defense » Version: 6.1.0.7

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.7
Cisco » Firepower Threat Defense » Version: 6.2.0

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0
Cisco » Firepower Threat Defense » Version: 6.2.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.1
Cisco » Firepower Threat Defense » Version: 6.2.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2
Cisco » Firepower Threat Defense » Version: 6.2.0.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.3
Cisco » Firepower Threat Defense » Version: 6.2.0.4

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.4
Cisco » Firepower Threat Defense » Version: 6.2.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.5
Cisco » Firepower Threat Defense » Version: 6.2.0.6

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.6
Cisco » Firepower Threat Defense » Version: 6.2.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.1
Cisco » Firepower Threat Defense » Version: 6.2.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2
Cisco » Firepower Threat Defense » Version: 6.2.2.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.1
Cisco » Firepower Threat Defense » Version: 6.2.2.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.2
Cisco » Firepower Threat Defense » Version: 6.2.2.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.3
Cisco » Firepower Threat Defense » Version: 6.2.2.4

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.4
Cisco » Firepower Threat Defense » Version: 6.2.2.5

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.5
Cisco » Firepower Threat Defense » Version: 6.2.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3
Cisco » Firepower Threat Defense » Version: 6.2.3.0

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.0
Cisco » Firepower Threat Defense » Version: 6.2.3.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1
Cisco » Firepower Threat Defense » Version: 6.2.3.10

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10
Cisco » Firepower Threat Defense » Version: 6.2.3.11

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11
Cisco » Firepower Threat Defense » Version: 6.2.3.12

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12
Cisco » Firepower Threat Defense » Version: 6.2.3.13

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13
Cisco » Firepower Threat Defense » Version: 6.2.3.14

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14
Cisco » Firepower Threat Defense » Version: 6.2.3.15

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15
Cisco » Firepower Threat Defense » Version: 6.2.3.16

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16
Cisco » Firepower Threat Defense » Version: 6.2.3.17

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17
Cisco » Firepower Threat Defense » Version: 6.2.3.18

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18
Cisco » Firepower Threat Defense » Version: 6.2.3.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2
Cisco » Firepower Threat Defense » Version: 6.2.3.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3
Cisco » Firepower Threat Defense » Version: 6.2.3.4

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4
Cisco » Firepower Threat Defense » Version: 6.2.3.5

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5
Cisco » Firepower Threat Defense » Version: 6.2.3.6

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6
Cisco » Firepower Threat Defense » Version: 6.2.3.7

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7
Cisco » Firepower Threat Defense » Version: 6.2.3.8

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8
Cisco » Firepower Threat Defense » Version: 6.2.3.9

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9
Cisco » Firepower Threat Defense » Version: 6.3.0

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0
Cisco » Firepower Threat Defense » Version: 6.3.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.1
Cisco » Firepower Threat Defense » Version: 6.3.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.2
Cisco » Firepower Threat Defense » Version: 6.3.0.3

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.3
Cisco » Firepower Threat Defense » Version: 6.3.0.4

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.4
Cisco » Firepower Threat Defense » Version: 6.3.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.5
Cisco » Firepower Threat Defense » Version: 6.3.0.6

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0.6
Cisco » Firepower Threat Defense » Version: 6.4.0

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0
Cisco » Firepower Threat Defense » Version: 6.4.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1
Cisco » Firepower Threat Defense » Version: 6.4.0.10

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10
Cisco » Firepower Threat Defense » Version: 6.4.0.11

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11
Cisco » Firepower Threat Defense » Version: 6.4.0.12

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12
Cisco » Firepower Threat Defense » Version: 6.4.0.13

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13
Cisco » Firepower Threat Defense » Version: 6.4.0.14

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14
Cisco » Firepower Threat Defense » Version: 6.4.0.15

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15
Cisco » Firepower Threat Defense » Version: 6.4.0.16

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16
Cisco » Firepower Threat Defense » Version: 6.4.0.17

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17
Cisco » Firepower Threat Defense » Version: 6.4.0.18

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18
Cisco » Firepower Threat Defense » Version: 6.4.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2
Cisco » Firepower Threat Defense » Version: 6.4.0.3

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3
Cisco » Firepower Threat Defense » Version: 6.4.0.4

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4
Cisco » Firepower Threat Defense » Version: 6.4.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5
Cisco » Firepower Threat Defense » Version: 6.4.0.6

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6
Cisco » Firepower Threat Defense » Version: 6.4.0.7

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7
Cisco » Firepower Threat Defense » Version: 6.4.0.8

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8
Cisco » Firepower Threat Defense » Version: 6.4.0.9

cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9
Cisco » Secure Firewall Management Center » Version: 6.3.0

cpe:2.3:a:cisco:secure_firewall_management_center:6.3.0
Cisco » Secure Firewall Management Center » Version: 6.4.0

cpe:2.3:a:cisco:secure_firewall_management_center:6.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-1970

Products

Pricing

Contact Us