Strix
26.1K

CVE-2019-1981

MEDIUMCVSS 5.8/10EPSS 1.04%

Last modified

CVE-2019-1981 is a medium-severity vulnerability rated 5.8/10 on the CVSS scale. A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. EPSS estimates a 1.04% chance of exploitation in the next 30 days.

Description

A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked.

Metrics

CVSS 3.1
5.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

EPSS Probability
1.04%

59.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoFirepower Services Software For AsaAll versions
CiscoFirepower Threat DefenseAll versions
CiscoSecure Firewall Management Center>= 2.9.12, <= 2.9.12.15
CiscoSecure Firewall Management Center>= 2.9.13, <= 2.9.13.6
CiscoSecure Firewall Management Center>= 2.9.14.0, <= 2.9.14.5
CiscoSecure Firewall Management Center2.9.15
CiscoSecure Firewall Management Center2.9.16

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2019-1981?
A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to insufficient normalization of a text-based payload. An attacker could exploit this vulnerability by sending traffic that contains specifically obfuscated payloads through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious payloads to protected systems that would otherwise be blocked.
How severe is CVE-2019-1981?
CVE-2019-1981 has a CVSS score of 5.8/10 (MEDIUM severity). The EPSS model estimates a 1.04% probability of exploitation in the next 30 days.
How do I fix CVE-2019-1981?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-1981?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST