CVE-2019-1978

Description from NVD

A vulnerability in the stream reassembly component of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The vulnerability is due to improper reassembly of traffic streams. An attacker could exploit this vulnerability by sending crafted streams through an affected device. An exploit could allow the attacker to bypass filtering and deliver malicious requests to protected systems that would otherwise be blocked.

Information Acquisition Date:2021-04-27T10:37Z

CVSS 2.0: 5.0 MEDIUM CVSS 3.x: 5.8 MEDIUM

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchanged	Changed
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:N/I:P/A:N

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

20190816 Cisco Firepower Threat Defense Software Stream Reassembly Bypass Vulnerability
source:CISCO
tags:Vendor Advisory

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag: Adobe(1 tweets) Windows(1 tweets)

Information from Twitter

User	URL	Info Source	Date
CswWorks	https://bit.ly/3wTak23	Source CswWorks 1461235332008009731	2021/11/18
CswWorks	https://twitter.com/CswWorks/status/1461235332008009731/pho...	Source CswWorks 1461235332008009731	2021/11/18

Information from Twitter

User	URL	Info Source
CswWorks	bit.ly	Show Tweet
CswWorks	twitter.com	Show Tweet

GitHub Search Results: Up to 10

Name	URL
trustedsec/cve-2019-19781	https://github.com/trustedsec/cve-2019-19781
projectzeroindia/CVE-2019-19781	https://github.com/projectzeroindia/CVE-2019-19781
mpgn/CVE-2019-19781	https://github.com/mpgn/CVE-2019-19781
cisagov/check-cve-2019-19781	https://github.com/cisagov/check-cve-2019-19781
jas502n/CVE-2019-19781	https://github.com/jas502n/CVE-2019-19781
fireeye/ioc-scanner-CVE-2019-19781	https://github.com/fireeye/ioc-scanner-CVE-2019-19781
citrix/ioc-scanner-CVE-2019-19781	https://github.com/citrix/ioc-scanner-CVE-2019-19781
x1sec/CVE-2019-19781	https://github.com/x1sec/CVE-2019-19781
w4fz5uck5/CVE-2019-19781-CitrixRCE	https://github.com/w4fz5uck5/CVE-2019-19781-CitrixRCE
aqhmal/CVE-2019-19781	https://github.com/aqhmal/CVE-2019-19781

GitHub Search Results: Up to 10

Name	URL
trustedsec/cve-2019-19781	github.com
projectzeroindia/CVE-2019-19781	github.com
mpgn/CVE-2019-19781	github.com
cisagov/check-cve-2019-19781	github.com
jas502n/CVE-2019-19781	github.com
fireeye/ioc-scanner-CVE-2019-19781	github.com
citrix/ioc-scanner-CVE-2019-19781	github.com
x1sec/CVE-2019-19781	github.com
w4fz5uck5/CVE-2019-19781-CitrixRCE	github.com
aqhmal/CVE-2019-19781	github.com

2021/11/18 Score : 1
Added Har-sia Database : 2020/02/12
Last Modified : 2021/11/18
Highest Scored Date : 2020/04/11
Highest Score : 19