Vulnerability in Cisco Asa_5500-x
CVE-2019-12697
Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vu…
EPSS: 0.015 (70.2th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.
Affected products
- Cisco Asa_5500-x
- Cisco Firesight System Software — versions unspecified
- Cisco Firepower — versions 6.2.3.1, 6.2.3.7, 6.3.0
- Cisco Firepower_1010
- Cisco Firepower_1120
- Cisco Firepower_1140
- Cisco Firepower_2110
- Cisco Firepower_2120
- Cisco Firepower_2130
- Cisco Firepower_2140
Weakness classification (CWE)
References
- psirt@cisco.com (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
Frequently asked questions
- What is CVE-2019-12697?
- CVE-2019-12697 is a high-severity vulnerability in Cisco Asa_5500-x, classified under Protection Mechanism Failure. CVSS score: 7.5/10. Published 2019-10-02.
- How severe is CVE-2019-12697?
- High severity. CVSS v3 base score is 7.5 out of 10.