Vulnslist

find the latest Cisco vulnerabilities

Cisco Firepower Management Center Software File and Malware Policy Bypass Vulnerability

cisco-sa-20191002-fire-bypass · Medium · Published · Updated

A vulnerability in the file and malware inspection feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass the file and malware inspection policies on an affected system. The vulnerability exists because the affected software insufficiently validates incoming traffic. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to bypass the file and malware inspection policies and send malicious traffic through the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-fire-bypass

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2019-12701
Cisco Bug IDsCSCvp92361
CVSS ScoreBase 5.8
Base 5.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Firepower Management Center, Cisco Secure Firewall Management Center (FMC)

Related Products

Product CVE Evidence
Cisco Secure Firewall Management Center (FMC) CVE-2019-12701 Cisco OpenVuln
Cisco Firepower Management Center CVE-2019-12701 Cisco OpenVuln