Cisco Firepower Threat Defense和Cisco Adaptive Security Appliances Software 缓冲区错误漏洞

CNNVD-ID编号 CNNVD-201911-653
CVE编号 CVE-2019-15992
发布时间 2019-11-12
更新时间 2021-01-12
漏洞类型 缓冲区错误
漏洞来源 The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.
危险等级 高危
威胁类型 远程
厂 商 N/A

漏洞介绍

Cisco Firepower Threat Defense(FTD)和Cisco Adaptive Security Appliances Software(ASA Software)都是美国思科(Cisco)公司的产品。Cisco Firepower Threat Defense是一套提供下一代防火墙服务的统一软件。Cisco Adaptive Security Appliances Software是一套防火墙和网络安全平台。该平台提供了对数据和网络资源的高度安全的访问等功能。

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software中存在缓冲区错误漏洞。该漏洞源于网络系统或产品在内存上执行操作时,未正确验证数据边界,导致向关联的其他内存位置上执行了错误的读写操作。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。

漏洞补丁

目前厂商已发布升级了Cisco Firepower Threat Defense和Cisco Adaptive Security Appliances Software 缓冲区错误漏洞的补丁,Cisco Firepower Threat Defense和Cisco Adaptive Security Appliances Software 缓冲区错误漏洞的补丁获取链接:

参考网址

受影响实体

  • 暂无

信息来源