What is CVE-2019-1695?

CVE-2019-1695 is a medium-severity vulnerability in Cisco Adaptive Security Appliance (Asa) Software, classified under Improper Access Control. CVSS score: 4.3/10. Published 2019-05-03.

How severe is CVE-2019-1695?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Cisco Adaptive Security Appliance (Asa) Software

CVE-2019-1695

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affec…

EPSS: 0.001 (17.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.

Affected products

Cisco Adaptive Security Appliance (Asa) Software — versions unspecified, unspecified, unspecified
Cisco Firepower Threat Defense (Ftd) Software — versions unspecified, unspecified

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

20190501 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Layer 2 Filtering Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)
108173 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2019-1695?: CVE-2019-1695 is a medium-severity vulnerability in Cisco Adaptive Security Appliance (Asa) Software, classified under Improper Access Control. CVSS score: 4.3/10. Published 2019-05-03.
How severe is CVE-2019-1695?: Medium severity. CVSS v3 base score is 4.3 out of 10.