CVE-2019-12697

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.

Published : 2019-10-02 19:15 Updated : 2019-10-10 15:41

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Cisco Firepower 6.2.3.1 cpe:/a:cisco:firepower:6.2.3.1
Cisco Firepower 6.2.3.7 cpe:/a:cisco:firepower:6.2.3.7
Cisco Firepower 6.3.0 cpe:/a:cisco:firepower:6.3.0
Cisco Firepower 6.4.0 cpe:/a:cisco:firepower:6.4.0
  1. Cisco (1) Search CVE
    1. Firepower (4) Search CVE
      1. 6.2.3.1
      2. 6.2.3.7
      3. 6.3.0
      4. 6.4.0

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2019-10-10 15:41
2019-10-02 20:15
2019-10-02 19:17

New CVE