Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Firewall » Cisco patches two critical vulnerabilities that could lead to DoS attacks

Cisco patches two critical vulnerabilities that could lead to DoS attacks

  • The flaws are detected as CVE-2019-1721 and CVE-2019-1694.
  • The flaws impact Cisco’s TelePresence Video Communication Server and ASA 5500-X Series Firewalls.

Cisco has released security patches for two high-severity flaws that can allow attackers to launch Denial of Service (DoS) attacks. The flaws are detected as CVE-2019-1721 and CVE-2019-1694. The flaws impact Cisco’s TelePresence Video Communication Server and ASA 5500-X Series Firewalls.

What are the vulnerabilities?

CVE-2019-1721 is the vulnerability with the wildest likely impact. It is a flaw in the phone-book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server. The flaw could allow an unauthenticated remote attacker to increase the performance of CPU to 100 percent, causing a DoS condition on an affected system.

The bug is related to improper handling of XML input by affected devices.

“An attacker could exploit this vulnerability by sending a Session Initiation Protocol (SIP) message with a crafted XML payload to an affected device. A successful exploit could allow the attacker to exhaust CPU resources, resulting in a DoS condition. Manual intervention may be required to recover the device,” the security bulletin read.

CVE-2019-1694 is the second critical flaw that exists in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software.

The vulnerability is due to improper handling of TCP traffic.

“An attacker who is using a TCP protocol that is configured for inspection could exploit this vulnerability by sending a specific sequence of packets at a high rate through an affected device,” Cisco stated in its bulletin.

The bottom line

Cisco has released software updates to address both vulnerabilities. In addition, it has also addressed several other medium-severity flaws found across its products.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket