Published: 03/05/2019 Updated: 15/08/2023

CVSS v2 Base Score: 6.1 | Impact Score: 6.9 | Exploitability Score: 6.5

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 543

Vector: AV:A/AC:L/Au:N/C:N/I:C/A:N

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent malicious user to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the malicious user to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco adaptive_security_appliance_software
cisco firepower_threat_defense

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device The vulnerability exists because the software improperly filters Ethernet frames sent to an affecte ...

NVD-CWE-Other https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass http://www.securityfocus.com/bid/108173 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-asa-ftd-bypass

CVE-2019-1695

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect