目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

CVE-2019-1695— Cisco Firepower Threat Defense 安全漏洞

AI Predicted 6.5 Difficulty: Moderate EPSS 0.71% · P49
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2019-1695の基本情報

脆弱性情報

脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software improperly filters Ethernet frames sent to an affected device. An attacker could exploit this vulnerability by sending crafted packets to the management interface of an affected device. A successful exploit could allow the attacker to bypass the Layer 2 (L2) filters and send data directly to the kernel of the affected device. A malicious frame successfully delivered would make the target device generate a specific syslog entry.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
访问控制不恰当
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco Firepower Threat Defense 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco Firepower 2100 Series中的ASA Software和FTD Software的检测引擎存在安全漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
CiscoCisco Adaptive Security Appliance (ASA) Software unspecified ~ 9.8.4 -
CiscoCisco Firepower Threat Defense (FTD) Software unspecified ~ 6.2.3.12 -

II. CVE-2019-1695の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2019-1695のインテリジェンス情報

登录查看更多情报信息。

CVE-2019-1695 厂商安全公告 (2)

Same Patch Batch · Cisco · 2019-05-03 · 41 CVEs total

CVE-2019-1692Cisco Application Policy Infrastructure Controller Web-Based Management Interface Usage In
CVE-2019-1701Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site
CVE-2019-1703Cisco Firepower Threat Defense Software Packet Processing Denial of Service Vulnerability
CVE-2019-1704Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial
CVE-2019-1699Cisco Firepower Threat Defense Software Command Injection Vulnerability
CVE-2019-1697Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweig
CVE-2019-1694Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software TCP
CVE-2019-1696Cisco Firepower Threat Defense Software SMB Protocol Preprocessor Detection Engine Denial
CVE-2019-1693Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN De
CVE-2019-1687Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software TCP Proxy
CVE-2019-1709Cisco Firepower Threat Defense Software Command Injection Vulnerability
CVE-2019-1635Cisco IP Phone 7800 Series and 8800 Series Session Initiation Protocol XML Denial of Servi
CVE-2019-1682Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerability
CVE-2019-1589Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Unmeasured
CVE-2019-1590Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Insecure F
CVE-2019-1592Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Privilege
CVE-2018-15462Cisco Firepower Threat Defense Software TCP Ingress Handler Denial of Service Vulnerabilit
CVE-2019-1586Cisco Application Policy Infrastructure Controller Recoverable Encryption Key Vulnerabilit
CVE-2019-1587Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Filter Que
CVE-2018-15388Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN De

Showing 20 of 41 CVEs. View all on vendor page →

IV. 関連脆弱性

V. CVE-2019-1695へのコメント

まだコメントはありません


コメントを残す