Patch/Configuration Management, Vulnerability Management

Cisco releases updates for DoS vulnerability

Cisco released security updates for a “high” rated vulnerability in its Adaptive Security Appliance Software and Firepower Threat Defense Software products that could allow a remote attacker to cause a denial-of-service condition.

The vulnerability, CVE-2019-1873, is in the cryptographic driver of the products, according to a July 10 security update.

The bug is due to incomplete input validation of a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) ingress packet header and can be exploited by sending a crafted TLS/SSL packet to an interface on the targeted device. 

An exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Vulnerable products include the ASA 5506-X, ASA 5506-X with FirePOWER Services, ASA 5506H-X, ASA 5506H-X with FirePOWER Services, ASA 5506W-X, ASA 5506W-X with FirePOWER Services, ASA 5508-X, ASA 5508-X with FirePOWER Services, ASA 5516-X, and ASA 5516-X with FirePOWER Services.
