Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20191002-FTD-FPMC-DOS
HistoryOct 02, 2019 - 4:00 p.m.

Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability

2019-10-0216:00:00
tools.cisco.com
152

0.001 Low

EPSS

Percentile

45.1%

JSON

A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to improper resource management in the context of user session management. An attacker could exploit this vulnerability by connecting to an affected system and performing many simultaneous successful Secure Shell (SSH) logins. A successful exploit could allow the attacker to exhaust system resources and cause the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker needs valid user credentials on the system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ftd-fpmc-dos”]

Affected configurations

Vulners
Node
ciscofirepower_management_centerMatch6.0
OR
ciscofirepower_management_centerMatch6.1
OR
ciscofirepower_management_centerMatch6.2
OR
ciscofirepower_threat_defense_softwareMatch6.0
OR
ciscofirepower_threat_defense_softwareMatch5.3
OR
ciscofirepower_threat_defense_softwareMatch5.4
OR
ciscofirepower_threat_defense_softwareMatch6.1
OR
ciscofirepower_threat_defense_softwareMatch6.2
OR
ciscofirepower_extensible_operating_systemMatch2.0
OR
ciscofirepower_extensible_operating_systemMatch2.1
OR
ciscofirepower_extensible_operating_systemMatch1.1
OR
ciscofirepower_extensible_operating_systemMatch2.2
OR
ciscofirepower_extensible_operating_systemMatch2.3
OR
ciscofirepower_extensible_operating_systemMatch2.4
OR
ciscofirepower_management_centerMatchany
OR
ciscofirepower_management_centerMatch6.0.0
OR
ciscofirepower_management_centerMatch6.0.1
OR
ciscofirepower_management_centerMatch6.0.0.1
OR
ciscofirepower_management_centerMatch6.0.0.0
OR
ciscofirepower_management_centerMatch6.0.1.1
OR
ciscofirepower_management_centerMatch6.0.1.3
OR
ciscofirepower_management_centerMatch6.0.1.2
OR
ciscofirepower_management_centerMatch6.0.1.4
OR
ciscofirepower_management_centerMatch6.1.0
OR
ciscofirepower_management_centerMatch6.1.0.2
OR
ciscofirepower_management_centerMatch6.1.0.1
OR
ciscofirepower_management_centerMatch6.1.0.3
OR
ciscofirepower_management_centerMatch6.1.0.4
OR
ciscofirepower_management_centerMatch6.1.0.5
OR
ciscofirepower_management_centerMatch6.1.0.6
OR
ciscofirepower_management_centerMatch6.1.0.7
OR
ciscofirepower_management_centerMatchany
OR
ciscofirepower_management_centerMatch6.2.0
OR
ciscofirepower_management_centerMatch6.2.1
OR
ciscofirepower_management_centerMatch6.2.2
OR
ciscofirepower_management_centerMatch6.2.0.2
OR
ciscofirepower_management_centerMatch6.2.0.1
OR
ciscofirepower_management_centerMatch6.2.0.3
OR
ciscofirepower_management_centerMatch6.2.0.4
OR
ciscofirepower_management_centerMatch6.2.0.5
OR
ciscofirepower_management_centerMatch6.2.0.6
OR
ciscofirepower_management_centerMatch6.2.0.7
OR
ciscofirepower_management_centerMatch6.2.2.1
OR
ciscofirepower_management_centerMatch6.2.2.2
OR
ciscofirepower_management_centerMatch6.2.2.3
OR
ciscofirepower_management_centerMatch6.2.2.4
OR
ciscofirepower_management_centerMatch6.2.3
OR
ciscofirepower_management_centerMatch6.2.3.1
OR
ciscofirepower_management_centerMatch6.2.3.2
OR
ciscofirepower_management_centerMatch6.2.3.3
OR
ciscofirepower_management_centerMatch6.2.3.4
OR
ciscofirepower_management_centerMatch6.2.3.5
OR
ciscofirepower_management_centerMatch6.2.3.6
OR
ciscofirepower_management_centerMatch6.2.3.7
OR
ciscofirepower_management_centerMatch6.2.3.9
OR
ciscofirepower_management_centerMatch6.2.3.10
OR
ciscofirepower_management_centerMatch6.2.3.11
OR
ciscofirepower_management_centerMatch6.2.3.12
OR
ciscofirepower_management_centerMatch6.2.3.13
OR
ciscofirepower_threat_defense_softwareMatch6.0.0
OR
ciscofirepower_threat_defense_softwareMatch6.0.1
OR
ciscofirepower_threat_defense_softwareMatch6.0.1.3
OR
ciscofirepower_threat_defense_softwareMatch6.0.1.1
OR
ciscofirepower_threat_defense_softwareMatch6.0.1.2
OR
ciscofirepower_threat_defense_softwareMatch6.0.1.4
OR
ciscofirepower_threat_defense_softwareMatch5.3.0
OR
ciscofirepower_threat_defense_softwareMatch5.4.0
OR
ciscofirepower_threat_defense_softwareMatch6.1.0
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.2
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.1
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.3
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.4
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.5
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.6
OR
ciscofirepower_threat_defense_softwareMatch6.1.0.7
OR
ciscofirepower_threat_defense_softwareMatch6.2.0
OR
ciscofirepower_threat_defense_softwareMatch6.2.1
OR
ciscofirepower_threat_defense_softwareMatch6.2.2
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.1
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.2
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.3
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.4
OR
ciscofirepower_threat_defense_softwareMatch6.2.2.1
OR
ciscofirepower_threat_defense_softwareMatch6.2.2.2
OR
ciscofirepower_threat_defense_softwareMatch6.2.3
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.1
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.2
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.3
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.4
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.5
OR
ciscofirepower_threat_defense_softwareMatch6.2.2.3
OR
ciscofirepower_threat_defense_softwareMatch6.2.2.4
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.5
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.6
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.6
OR
ciscofirepower_threat_defense_softwareMatch6.2.0.7
OR
ciscofirepower_threat_defense_softwareMatch6.2.2.5
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.7
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.8
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.10
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.11
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.9
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.12
OR
ciscofirepower_threat_defense_softwareMatch6.2.3.13
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.68
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.201
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.86
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.37
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.135
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.141
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.144
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.148
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.149
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.153
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.159
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.188
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.203
OR
ciscofirepower_extensible_operating_systemMatch2.0.1.204
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.64
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.73
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.77
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.83
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.85
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.86
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.97
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.106
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.107
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.113
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.115
OR
ciscofirepower_extensible_operating_systemMatch2.1.1.116
OR
ciscofirepower_extensible_operating_systemMatch1.1.1.147
OR
ciscofirepower_extensible_operating_systemMatch1.1.1.160
OR
ciscofirepower_extensible_operating_systemMatch1.1.2.51
OR
ciscofirepower_extensible_operating_systemMatch1.1.2.178
OR
ciscofirepower_extensible_operating_systemMatch1.1.3.84
OR
ciscofirepower_extensible_operating_systemMatch1.1.3.86
OR
ciscofirepower_extensible_operating_systemMatch1.1.3.97
OR
ciscofirepower_extensible_operating_systemMatch1.1.4.95
OR
ciscofirepower_extensible_operating_systemMatch1.1.4.117
OR
ciscofirepower_extensible_operating_systemMatch1.1.4.169
OR
ciscofirepower_extensible_operating_systemMatch1.1.4.175
OR
ciscofirepower_extensible_operating_systemMatch1.1.4.178
OR
ciscofirepower_extensible_operating_systemMatch1.1.4.179
OR
ciscofirepower_extensible_operating_systemMatch2.2.1.63
OR
ciscofirepower_extensible_operating_systemMatch2.2.1.66
OR
ciscofirepower_extensible_operating_systemMatch2.2.1.70
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.17
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.19
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.24
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.26
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.28
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.54
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.60
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.71
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.83
OR
ciscofirepower_extensible_operating_systemMatch2.2.2.86
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.99
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.93
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.91
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.88
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.75
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.73
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.66
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.58
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.130
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.111
OR
ciscofirepower_extensible_operating_systemMatch2.3.1.110
OR
ciscofirepower_extensible_operating_systemMatch2.4.1.101
OR
ciscofirepower_extensible_operating_systemMatch2.4.1.214

Related

nessus 3
cve 1
cvelist 1
symantec 1
nvd 1
prion 1
nessus
nessus
Cisco FTD Software Pluggable Authentication Module DoS (cisco-sa-20191002-ftd-fpmc-dos)
2020-03-13 00:00:00
Cisco FXOS Software Pluggable Authentication Module DoS (cisco-sa-20191002-ftd-fpmc-dos)
2020-03-13 00:00:00
Cisco FMC Software Pluggable Authentication Module DoS (cisco-sa-20191002-ftd-fpmc-dos)
2020-03-13 00:00:00
cve
cve
CVE-2019-12700
2019-10-02 19:15:13
cvelist
cvelist
CVE-2019-12700 Cisco FTD, FMC, and FXOS Software Pluggable Authentication Module Denial of Service Vulnerability
2019-10-02 00:00:00
symantec
symantec
Multiple Cisco Products CVE-2019-12700 Denial of Service Vulnerability
2019-10-03 00:00:00
nvd
nvd
CVE-2019-12700
2019-10-02 19:15:13
prion
prion
Race condition
2019-10-02 19:15:00

0.001 Low

EPSS

Percentile

45.1%

JSON
Related for CISCO-SA-20191002-FTD-FPMC-DOS
nessus3cve1cvelist1symantec1nvd1prion1