← Back

CVE-2019-12697

nvd nist
Published: Oct 2, 2019Modified: Jun 17, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.

Affected (4)

Products: Cisco: Firepower
Cisco
1 product
Firepower
Configuration A
4 vulnerable · 22 platform
Vulnerable SoftwareAffected Versions
Cisco
Firepower
Version 6.2.3.1
Firepower
Version 6.2.3.7
Firepower
Version 6.3.0
Firepower
Version 6.4.0
Running on/withPlatform Versions
Cisco
Asa 5500 X
All versions
Cisco
Firepower 1010
All versions
Cisco
Firepower 1120
All versions
Cisco
Firepower 1140
All versions
Cisco
Firepower 2110
All versions
Cisco
Firepower 2120
All versions
Cisco
Firepower 2130
All versions
Cisco
Firepower 2140
All versions
Cisco
Firepower 4110
All versions
Cisco
Firepower 4115
All versions
Cisco
Firepower 4120
All versions
Cisco
Firepower 4125
All versions
Cisco
Firepower 4140
All versions
Cisco
Firepower 4145
All versions
Cisco
Firepower 4150
All versions
Cisco
Firepower 7000
All versions
Cisco
Firepower 8000
All versions
Cisco
Firepower 9300
All versions
Cisco
Firepower Threat Defense For Isr
All versions
Cisco
Ftd Virtual
All versions
Cisco
Isa 3000
All versions
Cisco
Ngipsv For Vmware
All versions

Related CWEs

CWE-693
Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.