Protection Mechanism Failure

CVE-2019-12697

High

7.5/10

Summary

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details section of this advisory.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-693 - Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References

Advisory Timeline

Published Oct 02, 2019

Protection Mechanism Failure

CVE-2019-12697

Summary

CWE-693 - Protection Mechanism Failure

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS