CVE-2019-1691 is a vulnerability in Cisco Firepower Threat Defense Software
Published on February 21, 2019
Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability
A vulnerability in the detection engine of Cisco Firepower Threat Defense Software could allow an unauthenticated, remote attacker to cause an unexpected restart of the SNORT detection engine, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete error handling of the SSL or TLS packet header during connection establishment. An attacker could exploit this vulnerability by sending a crafted SSL or TLS packet during the connection handshake. A successful exploit causes the SNORT detection engine to restart unexpectedly, resulting in a partial DoS condition while the detection engine restarts. Versions prior to 6.2.3.4 are affected.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2019-1691
Affected Versions
Cisco Firepower Threat Defense Software: versions below 6.2.3.4 are affected (lower bound unspecified).
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.