Vulnerability-Lookup

BDU:2019-04143

Vulnerability from fstec - Published: 02.10.2019

Title

Уязвимость механизма обнаружения программного обеспечения предотвращения вторжений Cisco Firepower System Software, позволяющая нарушителю обойти настроенные политики безопасности для обнаружения вредоносных программ и файлов с расширением .RTF и .RAR

Description

Уязвимость механизма обнаружения программного обеспечения предотвращения вторжений Cisco Firepower System Software существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, обойти настроенные политики безопасности для обнаружения вредоносных программ и файлов с расширением .RTF и .RAR

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Vendor

Cisco Systems Inc.

Software Name

Firepower System Software

Software Version

от 6.3.0 до 6.3.0.5 (Firepower System Software), от 6.4.0 до 6.4.0.6 (Firepower System Software), до 6.2.3.15 (Firepower System Software)

Possible Mitigations

Использование рекомендаций производителя: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass https://nvd.nist.gov/vuln/detail/CVE-2019-12697

CWE

CWE-20, CWE-693

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 (Firepower System Software), \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 (Firepower System Software), \u0434\u043e 6.2.3.15 (Firepower System Software)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.10.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "19.11.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "19.11.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-04143",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-12697",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Firepower System Software",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Cisco 3000 Series Industrial Security Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Cisco 3000 Series Industrial Security Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Cisco 3000 Series Industrial Security Appliances, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Cisco ASA 5500-X Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Cisco ASA 5500-X Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Cisco ASA 5500-X Series, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Cisco ASA 5500-X Series with FirePOWER Services, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Cisco ASA 5500-X Series with FirePOWER Services, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Cisco ASA 5500-X Series with FirePOWER Services, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Cisco Firepower 2100 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Cisco Firepower 2100 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Cisco Firepower 2100 Series, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Firepower 4100 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Firepower 4100 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Firepower 4100 Series, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Cisco Firepower 1000 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Cisco Firepower 1000 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Cisco Firepower 1000 Series, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 FirePOWER 7000 Series Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 FirePOWER 7000 Series Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 FirePOWER 7000 Series Appliances, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Cisco Firepower 8000 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Cisco Firepower 8000 Series, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Cisco Firepower 8000 Series, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Firepower 9300 Security Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Firepower 9300 Security Appliances, Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Firepower 9300 Security Appliances, Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 FirePOWER Threat Defense for Integrated Services Routers (ISRs), Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 FirePOWER Threat Defense for Integrated Services Routers (ISRs), Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 FirePOWER Threat Defense for Integrated Services Routers (ISRs), Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 FTD Virtual (FTDv), Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 FTD Virtual (FTDv), Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 FTD Virtual (FTDv), Cisco Systems Inc. Firepower System Software \u0434\u043e 6.2.3.15 Next-Generation Intrusion Prevention System (NGIPSv), Cisco Systems Inc. Firepower System Software \u043e\u0442 6.3.0 \u0434\u043e 6.3.0.5 Next-Generation Intrusion Prevention System (NGIPSv), Cisco Systems Inc. Firepower System Software \u043e\u0442 6.4.0 \u0434\u043e 6.4.0.6 Next-Generation Intrusion Prevention System (NGIPSv)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 Cisco\u00a0Firepower\u00a0System\u00a0Software, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c .RTF \u0438 .RAR",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20), \u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-693)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u0436\u0435\u043d\u0438\u0439 Cisco\u00a0Firepower\u00a0System\u00a0Software \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c .RTF \u0438 .RAR",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12697",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20, CWE-693",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,8)"
}

CVE-2019-12697 (GCVE-0-2019-12697)

Vulnerability from cvelistv5 – Published: 2019-10-02 19:06 – Updated: 2024-11-19 18:54

Title

Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities

Summary

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.

Severity ?

5.8 (Medium)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-693

Assigner

cisco

References

URL

Tags

https://tools.cisco.com/security/center/content/C…

vendor-advisoryx_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco FireSIGHT System Software	Affected: unspecified , < n/a (custom)

Date Public ?

2019-10-02 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.235Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12697",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:22:44.929605Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T18:54:09.036Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco FireSIGHT System Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-10-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-10-02T19:06:48.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20191002-firepwr-bypass",
        "defect": [
          [
            "CSCvo70545",
            "CSCvp66222"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-10-02T16:00:00-0700",
          "ID": "CVE-2019-12697",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco FireSIGHT System Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20191002 Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-firepwr-bypass"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20191002-firepwr-bypass",
          "defect": [
            [
              "CSCvo70545",
              "CSCvp66222"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12697",
    "datePublished": "2019-10-02T19:06:48.250Z",
    "dateReserved": "2019-06-04T00:00:00.000Z",
    "dateUpdated": "2024-11-19T18:54:09.036Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2019-04143

CVE-2019-12697 (GCVE-0-2019-12697)

Tags

Sightings

Nomenclature