Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-3255 (GCVE-0-2020-3255)
Vulnerability from cvelistv5
Published
2020-05-06 16:41
Modified
2024-11-15 17:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:21:29.568873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:24:20.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Firepower Threat Defense Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T16:41:44",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
],
"source": {
"advisory": "cisco-sa-ftd-dos-N2vQZASR",
"defect": [
[
"CSCvo80853"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-05-06T16:00:00-0700",
"ID": "CVE-2020-3255",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Threat Defense Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
]
},
"source": {
"advisory": "cisco-sa-ftd-dos-N2vQZASR",
"defect": [
[
"CSCvo80853"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3255",
"datePublished": "2020-05-06T16:41:44.426590Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:24:20.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-3255\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2020-05-06T17:15:12.667\",\"lastModified\":\"2024-11-21T05:30:40.023\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de procesamiento de paquetes del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a una administraci\u00f3n ineficiente de la memoria. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico IPv4 o IPv6 a trav\u00e9s de un dispositivo afectado. Este tr\u00e1fico necesitar\u00eda coincidir con una acci\u00f3n de bloqueo configurada en una pol\u00edtica de control de acceso. Una explotaci\u00f3n podr\u00eda permitir a un atacante causar una condici\u00f3n de agotamiento de la memoria en el dispositivo afectado, lo que resultar\u00eda en una DoS para el tr\u00e1fico que transita el dispositivo, as\u00ed como un rendimiento lento de la interfaz de administraci\u00f3n. Una vez que se detiene la inundaci\u00f3n, el rendimiento debe volver a los estados anteriores.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.3\",\"versionEndExcluding\":\"6.2.3.16\",\"matchCriteriaId\":\"C4B2E5D3-ED34-4A7E-BD8F-8492B6737677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3.0\",\"versionEndExcluding\":\"6.3.0.6\",\"matchCriteriaId\":\"9D27DE97-510A-4761-8184-6940745B54E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"6.4.0.9\",\"matchCriteriaId\":\"06741056-2BFD-4F88-917A-F581F813B69E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5505_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC2BDDE-4CBD-43C8-BFD9-DD2BE6A20E91\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5510_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC8EC7CF-6207-4A2E-89CE-13A0B2E4BC36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B091B9BA-D4CA-435B-8D66-602B45F0E0BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B2408C9-AAE7-48D2-ACEC-1BEE95AC95F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08F0F160-DAD2-48D4-B7B2-4818B2526F35\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB0DFDC-3111-44BE-ADCC-4F3B984AADB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"977D597B-F6DE-4438-AB02-06BE64D71EBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5520_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B94CB6D9-39AA-4EA6-AC1E-2A2B26828AC7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B387F62-6341-434D-903F-9B72E7F84ECB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF25129-A5FE-4B05-BE69-F3D35F7A9F7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB71EB29-0115-4307-A9F7-262394FD9FB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5540_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4AD2A96-FF85-4BFD-8B3E-AD2D5D51A6CA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C5A524-E1D9-480F-B655-0680AA5BF720\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF9159BA-CBE1-43F4-864C-3CF0B8AE8260\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57179F60-E330-4FF0-9664-B1E4637FF210\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5550_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FB38210-78F2-4414-A4A5-E885F3C9057B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6287D95-F564-44B7-A0F9-91396D7C2C4E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7F69272-B20B-4467-AA04-3C47AF2C1F58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5535C936-391B-4619-AA03-B35265FC15D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5580_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63EB7842-7311-4868-906C-13173E6F0149\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E828B8-5ECC-4A09-B2AD-DEDC558713DE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C822CE-5DCB-4E71-8876-CCC5DC664DAD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16AE20C2-C77E-4E04-BF13-A48696E52426\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR\", \"name\": \"20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:30:58.159Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3255\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-15T16:21:29.568873Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-15T16:22:15.170Z\"}}], \"cna\": {\"title\": \"Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability\", \"source\": {\"defect\": [[\"CSCvo80853\"]], \"advisory\": \"cisco-sa-ftd-dos-N2vQZASR\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Firepower Threat Defense Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2020-05-06T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR\", \"name\": \"20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-05-06T16:41:44\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"7.5\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\"}}, \"source\": {\"defect\": [[\"CSCvo80853\"]], \"advisory\": \"cisco-sa-ftd-dos-N2vQZASR\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco Firepower Threat Defense Software\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR\", \"name\": \"20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-400\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3255\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-05-06T16:00:00-0700\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2020-3255\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-15T17:24:20.616Z\", \"dateReserved\": \"2019-12-12T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-05-06T16:41:44.426590Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
ghsa-fwmm-vfgg-4f84
Vulnerability from github
Published
2022-05-24 17:17
Modified
2022-05-24 17:17
VLAI Severity ?
Details
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
{
"affected": [],
"aliases": [
"CVE-2020-3255"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-05-06T17:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.",
"id": "GHSA-fwmm-vfgg-4f84",
"modified": "2022-05-24T17:17:18Z",
"published": "2022-05-24T17:17:18Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3255"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
],
"schema_version": "1.4.0",
"severity": []
}
cisco-sa-ftd-dos-n2vqzasr
Vulnerability from csaf_cisco
Published
2020-05-06 16:00
Modified
2020-06-02 20:53
Summary
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability
Notes
Summary
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is part of the May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 12 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73830"].
Vulnerable Products
This vulnerability affects Cisco products if they are running a vulnerable release of Cisco FTD Software and are configured with an access control policy to block certain types of traffic.
For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed this vulnerability does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.
Workarounds
There are no workarounds that address this vulnerability.
Fixed Software
Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html ["https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"]
Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"]
Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
Fixed Releases
In the following table(s), the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by any of the vulnerabilities described in this bundle and which release includes fixes for those vulnerabilities.
Cisco FTD Software
Cisco FTD Software Release First Fixed Release for This Vulnerability First Fixed Release for All Vulnerabilities Described in the Bundle of Advisories Earlier than 6.1.01 Migrate to a fixed release. Migrate to a fixed release. 6.1.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.1 Migrate to a fixed release. Migrate to a fixed release. 6.2.2 Migrate to a fixed release. Migrate to a fixed release. 6.2.3 6.2.3.16 (June 2020)
Cisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.2.3.16 (June 2020)
Cisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.3.0 6.3.0.6 (future release)
Cisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.3.0.6 (future release)
Cisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.4.0 6.4.0.9 6.4.0.9 6.5.0 Not vulnerable. 6.5.0.5 (future release)
Cisco_FTD_Hotfix_H-6.5.0.5-2.sh.REL.tar and later
Cisco_FTD_SSP_FP1K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later
Cisco_FTD_SSP_FP2K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later
Cisco_FTD_SSP_Hotfix_H-6.5.0.5-2.sh.REL.tar and later 6.6.0 Not vulnerable. 6.6.0
1. Cisco FMC and FTD Software releases 6.0.1 and earlier have reached end of software maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.
To upgrade to a fixed release of Cisco FTD Software, customers can do one of the following:
For devices that are managed by using Cisco Firepower Management Center (FMC), use the FMC interface to install the upgrade. After installation is complete, reapply the access control policy.
For devices that are managed by using Cisco Firepower Device Manager (FDM), use the FDM interface to install the upgrade. After installation is complete, reapply the access control policy.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Source
This vulnerability was found during internal security testing.
Legal Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
{
"document": {
"acknowledgments": [
{
"summary": "This vulnerability was found during internal security testing."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 12 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73830\"].",
"title": "Summary"
},
{
"category": "general",
"text": "This vulnerability affects Cisco products if they are running a vulnerable release of Cisco FTD Software and are configured with an access control policy to block certain types of traffic.\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed this vulnerability does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "There are no workarounds that address this vulnerability.",
"title": "Workarounds"
},
{
"category": "general",
"text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n Customers Without Service Contracts\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n Fixed Releases\r\nIn the following table(s), the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by any of the vulnerabilities described in this bundle and which release includes fixes for those vulnerabilities.\r\n\r\nCisco FTD Software\r\n Cisco FTD Software Release First Fixed Release for This Vulnerability First Fixed Release for All Vulnerabilities Described in the Bundle of Advisories Earlier than 6.1.01 Migrate to a fixed release. Migrate to a fixed release. 6.1.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.1 Migrate to a fixed release. Migrate to a fixed release. 6.2.2 Migrate to a fixed release. Migrate to a fixed release. 6.2.3 6.2.3.16 (June 2020)\r\nCisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.2.3.16 (June 2020)\r\nCisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.3.0 6.3.0.6 (future release)\r\nCisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.3.0.6 (future release)\r\nCisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.4.0 6.4.0.9 6.4.0.9 6.5.0 Not vulnerable. 6.5.0.5 (future release)\r\nCisco_FTD_Hotfix_H-6.5.0.5-2.sh.REL.tar and later\r\nCisco_FTD_SSP_FP1K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later\r\nCisco_FTD_SSP_FP2K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later\r\nCisco_FTD_SSP_Hotfix_H-6.5.0.5-2.sh.REL.tar and later 6.6.0 Not vulnerable. 6.6.0\r\n1. Cisco FMC and FTD Software releases 6.0.1 and earlier have reached end of software maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.\r\n\r\nTo upgrade to a fixed release of Cisco FTD Software, customers can do one of the following:\r\n\r\nFor devices that are managed by using Cisco Firepower Management Center (FMC), use the FMC interface to install the upgrade. After installation is complete, reapply the access control policy.\r\nFor devices that are managed by using Cisco Firepower Device Manager (FDM), use the FDM interface to install the upgrade. After installation is complete, reapply the access control policy.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "This vulnerability was found during internal security testing.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
},
{
"category": "external",
"summary": "Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73830"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
"url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
},
{
"category": "external",
"summary": "considering software upgrades",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "Cisco Security Advisories and Alerts page",
"url": "https://www.cisco.com/go/psirt"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
"url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
}
],
"title": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"tracking": {
"current_release_date": "2020-06-02T20:53:05+00:00",
"generator": {
"date": "2025-10-13T15:38:51+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-ftd-dos-N2vQZASR",
"initial_release_date": "2020-05-06T16:00:00+00:00",
"revision_history": [
{
"date": "2020-05-05T16:46:59+00:00",
"number": "1.0.0",
"summary": "Initial public release."
},
{
"date": "2020-05-15T14:47:19+00:00",
"number": "1.1.0",
"summary": "Updated Hot Fixes for FTD releases 6.4.0 and 6.5.0."
},
{
"date": "2020-06-02T20:53:05+00:00",
"number": "1.2.0",
"summary": "Updated fixed release information for FTD Release 6.4.0."
}
],
"status": "final",
"version": "1.2.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "6.0.1",
"product": {
"name": "6.0.1",
"product_id": "CSAFPID-220206"
}
},
{
"category": "service_pack",
"name": "6.0.1.3",
"product": {
"name": "6.0.1.3",
"product_id": "CSAFPID-227125"
}
},
{
"category": "service_pack",
"name": "6.0.1.1",
"product": {
"name": "6.0.1.1",
"product_id": "CSAFPID-232931"
}
},
{
"category": "service_pack",
"name": "6.0.1.2",
"product": {
"name": "6.0.1.2",
"product_id": "CSAFPID-232932"
}
},
{
"category": "service_pack",
"name": "6.0.1.4",
"product": {
"name": "6.0.1.4",
"product_id": "CSAFPID-232933"
}
}
],
"category": "product_version",
"name": "6.0"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.1.0",
"product": {
"name": "6.1.0",
"product_id": "CSAFPID-223033"
}
},
{
"category": "service_pack",
"name": "6.1.0.2",
"product": {
"name": "6.1.0.2",
"product_id": "CSAFPID-226358"
}
},
{
"category": "service_pack",
"name": "6.1.0.1",
"product": {
"name": "6.1.0.1",
"product_id": "CSAFPID-232920"
}
},
{
"category": "service_pack",
"name": "6.1.0.3",
"product": {
"name": "6.1.0.3",
"product_id": "CSAFPID-232921"
}
},
{
"category": "service_pack",
"name": "6.1.0.4",
"product": {
"name": "6.1.0.4",
"product_id": "CSAFPID-232922"
}
},
{
"category": "service_pack",
"name": "6.1.0.5",
"product": {
"name": "6.1.0.5",
"product_id": "CSAFPID-232923"
}
},
{
"category": "service_pack",
"name": "6.1.0.6",
"product": {
"name": "6.1.0.6",
"product_id": "CSAFPID-232924"
}
},
{
"category": "service_pack",
"name": "6.1.0.7",
"product": {
"name": "6.1.0.7",
"product_id": "CSAFPID-251753"
}
}
],
"category": "product_version",
"name": "6.1"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.2.0",
"product": {
"name": "6.2.0",
"product_id": "CSAFPID-225827"
}
},
{
"category": "service_pack",
"name": "6.2.1",
"product": {
"name": "6.2.1",
"product_id": "CSAFPID-226359"
}
},
{
"category": "service_pack",
"name": "6.2.2",
"product": {
"name": "6.2.2",
"product_id": "CSAFPID-226360"
}
},
{
"category": "service_pack",
"name": "6.2.0.1",
"product": {
"name": "6.2.0.1",
"product_id": "CSAFPID-232925"
}
},
{
"category": "service_pack",
"name": "6.2.0.2",
"product": {
"name": "6.2.0.2",
"product_id": "CSAFPID-232926"
}
},
{
"category": "service_pack",
"name": "6.2.0.3",
"product": {
"name": "6.2.0.3",
"product_id": "CSAFPID-232927"
}
},
{
"category": "service_pack",
"name": "6.2.0.4",
"product": {
"name": "6.2.0.4",
"product_id": "CSAFPID-232928"
}
},
{
"category": "service_pack",
"name": "6.2.2.1",
"product": {
"name": "6.2.2.1",
"product_id": "CSAFPID-232929"
}
},
{
"category": "service_pack",
"name": "6.2.2.2",
"product": {
"name": "6.2.2.2",
"product_id": "CSAFPID-232930"
}
},
{
"category": "service_pack",
"name": "6.2.3",
"product": {
"name": "6.2.3",
"product_id": "CSAFPID-233334"
}
},
{
"category": "service_pack",
"name": "6.2.3.1",
"product": {
"name": "6.2.3.1",
"product_id": "CSAFPID-245396"
}
},
{
"category": "service_pack",
"name": "6.2.3.2",
"product": {
"name": "6.2.3.2",
"product_id": "CSAFPID-245397"
}
},
{
"category": "service_pack",
"name": "6.2.3.3",
"product": {
"name": "6.2.3.3",
"product_id": "CSAFPID-245398"
}
},
{
"category": "service_pack",
"name": "6.2.3.4",
"product": {
"name": "6.2.3.4",
"product_id": "CSAFPID-247893"
}
},
{
"category": "service_pack",
"name": "6.2.3.5",
"product": {
"name": "6.2.3.5",
"product_id": "CSAFPID-247894"
}
},
{
"category": "service_pack",
"name": "6.2.2.3",
"product": {
"name": "6.2.2.3",
"product_id": "CSAFPID-247895"
}
},
{
"category": "service_pack",
"name": "6.2.2.4",
"product": {
"name": "6.2.2.4",
"product_id": "CSAFPID-247896"
}
},
{
"category": "service_pack",
"name": "6.2.0.5",
"product": {
"name": "6.2.0.5",
"product_id": "CSAFPID-247897"
}
},
{
"category": "service_pack",
"name": "6.2.0.6",
"product": {
"name": "6.2.0.6",
"product_id": "CSAFPID-247898"
}
},
{
"category": "service_pack",
"name": "6.2.3.6",
"product": {
"name": "6.2.3.6",
"product_id": "CSAFPID-248816"
}
},
{
"category": "service_pack",
"name": "6.2.0.7",
"product": {
"name": "6.2.0.7",
"product_id": "CSAFPID-251754"
}
},
{
"category": "service_pack",
"name": "6.2.2.5",
"product": {
"name": "6.2.2.5",
"product_id": "CSAFPID-251755"
}
},
{
"category": "service_pack",
"name": "6.2.3.7",
"product": {
"name": "6.2.3.7",
"product_id": "CSAFPID-251756"
}
},
{
"category": "service_pack",
"name": "6.2.3.8",
"product": {
"name": "6.2.3.8",
"product_id": "CSAFPID-251757"
}
},
{
"category": "service_pack",
"name": "6.2.3.10",
"product": {
"name": "6.2.3.10",
"product_id": "CSAFPID-258063"
}
},
{
"category": "service_pack",
"name": "6.2.3.11",
"product": {
"name": "6.2.3.11",
"product_id": "CSAFPID-258064"
}
},
{
"category": "service_pack",
"name": "6.2.3.9",
"product": {
"name": "6.2.3.9",
"product_id": "CSAFPID-258915"
}
},
{
"category": "service_pack",
"name": "6.2.3.12",
"product": {
"name": "6.2.3.12",
"product_id": "CSAFPID-265011"
}
},
{
"category": "service_pack",
"name": "6.2.3.13",
"product": {
"name": "6.2.3.13",
"product_id": "CSAFPID-267675"
}
},
{
"category": "service_pack",
"name": "6.2.3.14",
"product": {
"name": "6.2.3.14",
"product_id": "CSAFPID-267676"
}
},
{
"category": "service_pack",
"name": "6.2.3.15",
"product": {
"name": "6.2.3.15",
"product_id": "CSAFPID-275475"
}
}
],
"category": "product_version",
"name": "6.2"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.3.0",
"product": {
"name": "6.3.0",
"product_id": "CSAFPID-251759"
}
},
{
"category": "service_pack",
"name": "6.3.0.1",
"product": {
"name": "6.3.0.1",
"product_id": "CSAFPID-258065"
}
},
{
"category": "service_pack",
"name": "6.3.0.2",
"product": {
"name": "6.3.0.2",
"product_id": "CSAFPID-258066"
}
},
{
"category": "service_pack",
"name": "6.3.0.3",
"product": {
"name": "6.3.0.3",
"product_id": "CSAFPID-265012"
}
},
{
"category": "service_pack",
"name": "6.3.0.4",
"product": {
"name": "6.3.0.4",
"product_id": "CSAFPID-268603"
}
},
{
"category": "service_pack",
"name": "6.3.0.5",
"product": {
"name": "6.3.0.5",
"product_id": "CSAFPID-276932"
}
}
],
"category": "product_version",
"name": "6.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.4.0",
"product": {
"name": "6.4.0",
"product_id": "CSAFPID-265014"
}
},
{
"category": "service_pack",
"name": "6.4.0.1",
"product": {
"name": "6.4.0.1",
"product_id": "CSAFPID-265015"
}
},
{
"category": "service_pack",
"name": "6.4.0.3",
"product": {
"name": "6.4.0.3",
"product_id": "CSAFPID-265950"
}
},
{
"category": "service_pack",
"name": "6.4.0.2",
"product": {
"name": "6.4.0.2",
"product_id": "CSAFPID-268602"
}
},
{
"category": "service_pack",
"name": "6.4.0.4",
"product": {
"name": "6.4.0.4",
"product_id": "CSAFPID-276372"
}
},
{
"category": "service_pack",
"name": "6.4.0.5",
"product": {
"name": "6.4.0.5",
"product_id": "CSAFPID-276373"
}
},
{
"category": "service_pack",
"name": "6.4.0.6",
"product": {
"name": "6.4.0.6",
"product_id": "CSAFPID-276933"
}
},
{
"category": "service_pack",
"name": "6.4.0.7",
"product": {
"name": "6.4.0.7",
"product_id": "CSAFPID-276934"
}
},
{
"category": "service_pack",
"name": "6.4.0.8",
"product": {
"name": "6.4.0.8",
"product_id": "CSAFPID-276935"
}
}
],
"category": "product_version",
"name": "6.4"
}
],
"category": "product_family",
"name": "Cisco Secure Firewall Threat Defense (FTD) Software"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-3255",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvo80853"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-225827",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232925",
"CSAFPID-232926",
"CSAFPID-232927",
"CSAFPID-232928",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-245396",
"CSAFPID-245397",
"CSAFPID-245398",
"CSAFPID-247893",
"CSAFPID-247894",
"CSAFPID-247895",
"CSAFPID-247896",
"CSAFPID-247897",
"CSAFPID-247898",
"CSAFPID-248816",
"CSAFPID-251753",
"CSAFPID-251754",
"CSAFPID-251755",
"CSAFPID-251756",
"CSAFPID-251757",
"CSAFPID-251759",
"CSAFPID-258063",
"CSAFPID-258064",
"CSAFPID-258065",
"CSAFPID-258066",
"CSAFPID-258915",
"CSAFPID-265011",
"CSAFPID-265012",
"CSAFPID-265014",
"CSAFPID-265015",
"CSAFPID-265950",
"CSAFPID-267675",
"CSAFPID-267676",
"CSAFPID-268602",
"CSAFPID-268603",
"CSAFPID-275475",
"CSAFPID-276372",
"CSAFPID-276373",
"CSAFPID-276932",
"CSAFPID-276933",
"CSAFPID-276934",
"CSAFPID-276935"
]
},
"release_date": "2020-05-06T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-225827",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232925",
"CSAFPID-232926",
"CSAFPID-232927",
"CSAFPID-232928",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-245396",
"CSAFPID-245397",
"CSAFPID-245398",
"CSAFPID-247893",
"CSAFPID-247894",
"CSAFPID-247895",
"CSAFPID-247896",
"CSAFPID-247897",
"CSAFPID-247898",
"CSAFPID-248816",
"CSAFPID-251753",
"CSAFPID-251754",
"CSAFPID-251755",
"CSAFPID-251756",
"CSAFPID-251757",
"CSAFPID-251759",
"CSAFPID-258063",
"CSAFPID-258064",
"CSAFPID-258065",
"CSAFPID-258066",
"CSAFPID-258915",
"CSAFPID-265011",
"CSAFPID-265012",
"CSAFPID-265014",
"CSAFPID-265015",
"CSAFPID-265950",
"CSAFPID-267675",
"CSAFPID-267676",
"CSAFPID-268602",
"CSAFPID-268603",
"CSAFPID-275475",
"CSAFPID-276372",
"CSAFPID-276373",
"CSAFPID-276932",
"CSAFPID-276933",
"CSAFPID-276934",
"CSAFPID-276935"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-225827",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232925",
"CSAFPID-232926",
"CSAFPID-232927",
"CSAFPID-232928",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-245396",
"CSAFPID-245397",
"CSAFPID-245398",
"CSAFPID-247893",
"CSAFPID-247894",
"CSAFPID-247895",
"CSAFPID-247896",
"CSAFPID-247897",
"CSAFPID-247898",
"CSAFPID-248816",
"CSAFPID-251753",
"CSAFPID-251754",
"CSAFPID-251755",
"CSAFPID-251756",
"CSAFPID-251757",
"CSAFPID-251759",
"CSAFPID-258063",
"CSAFPID-258064",
"CSAFPID-258065",
"CSAFPID-258066",
"CSAFPID-258915",
"CSAFPID-265011",
"CSAFPID-265012",
"CSAFPID-265014",
"CSAFPID-265015",
"CSAFPID-265950",
"CSAFPID-267675",
"CSAFPID-267676",
"CSAFPID-268602",
"CSAFPID-268603",
"CSAFPID-275475",
"CSAFPID-276372",
"CSAFPID-276373",
"CSAFPID-276932",
"CSAFPID-276933",
"CSAFPID-276934",
"CSAFPID-276935"
]
}
],
"title": "Cisco ASA and FTD Software UDP Flood Denial of Service Vulnerability"
}
]
}
cisco-sa-ftd-dos-N2vQZASR
Vulnerability from csaf_cisco
Published
2020-05-06 16:00
Modified
2020-06-02 20:53
Summary
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability
Notes
Summary
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is part of the May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 12 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication ["https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73830"].
Vulnerable Products
This vulnerability affects Cisco products if they are running a vulnerable release of Cisco FTD Software and are configured with an access control policy to block certain types of traffic.
For information about which Cisco software releases are vulnerable, see the Fixed Software ["#fs"] section of this advisory.
Products Confirmed Not Vulnerable
Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.
Cisco has confirmed this vulnerability does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.
Workarounds
There are no workarounds that address this vulnerability.
Fixed Software
Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html ["https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"]
Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.
When considering software upgrades ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Customers Without Service Contracts
Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"]
Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
Fixed Releases
In the following table(s), the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by any of the vulnerabilities described in this bundle and which release includes fixes for those vulnerabilities.
Cisco FTD Software
Cisco FTD Software Release First Fixed Release for This Vulnerability First Fixed Release for All Vulnerabilities Described in the Bundle of Advisories Earlier than 6.1.01 Migrate to a fixed release. Migrate to a fixed release. 6.1.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.1 Migrate to a fixed release. Migrate to a fixed release. 6.2.2 Migrate to a fixed release. Migrate to a fixed release. 6.2.3 6.2.3.16 (June 2020)
Cisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.2.3.16 (June 2020)
Cisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar
Cisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.3.0 6.3.0.6 (future release)
Cisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.3.0.6 (future release)
Cisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar
Cisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.4.0 6.4.0.9 6.4.0.9 6.5.0 Not vulnerable. 6.5.0.5 (future release)
Cisco_FTD_Hotfix_H-6.5.0.5-2.sh.REL.tar and later
Cisco_FTD_SSP_FP1K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later
Cisco_FTD_SSP_FP2K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later
Cisco_FTD_SSP_Hotfix_H-6.5.0.5-2.sh.REL.tar and later 6.6.0 Not vulnerable. 6.6.0
1. Cisco FMC and FTD Software releases 6.0.1 and earlier have reached end of software maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.
To upgrade to a fixed release of Cisco FTD Software, customers can do one of the following:
For devices that are managed by using Cisco Firepower Management Center (FMC), use the FMC interface to install the upgrade. After installation is complete, reapply the access control policy.
For devices that are managed by using Cisco Firepower Device Manager (FDM), use the FDM interface to install the upgrade. After installation is complete, reapply the access control policy.
Vulnerability Policy
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Exploitation and Public Announcements
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Source
This vulnerability was found during internal security testing.
Legal Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.
{
"document": {
"acknowledgments": [
{
"summary": "This vulnerability was found during internal security testing."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"notes": [
{
"category": "summary",
"text": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThe vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\n\r\n\r\nThis advisory is part of the May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 12 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication [\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73830\"].",
"title": "Summary"
},
{
"category": "general",
"text": "This vulnerability affects Cisco products if they are running a vulnerable release of Cisco FTD Software and are configured with an access control policy to block certain types of traffic.\r\n\r\nFor information about which Cisco software releases are vulnerable, see the Fixed Software [\"#fs\"] section of this advisory.",
"title": "Vulnerable Products"
},
{
"category": "general",
"text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.\r\n\r\nCisco has confirmed this vulnerability does not affect Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Management Center (FMC) Software.",
"title": "Products Confirmed Not Vulnerable"
},
{
"category": "general",
"text": "There are no workarounds that address this vulnerability.",
"title": "Workarounds"
},
{
"category": "general",
"text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes\"], customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n Customers Without Service Contracts\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n Fixed Releases\r\nIn the following table(s), the left column lists Cisco software releases. The center column indicates whether a release is affected by the vulnerability described in this advisory and the first release that includes the fix for this vulnerability. The right column indicates whether a release is affected by any of the vulnerabilities described in this bundle and which release includes fixes for those vulnerabilities.\r\n\r\nCisco FTD Software\r\n Cisco FTD Software Release First Fixed Release for This Vulnerability First Fixed Release for All Vulnerabilities Described in the Bundle of Advisories Earlier than 6.1.01 Migrate to a fixed release. Migrate to a fixed release. 6.1.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.0 Migrate to a fixed release. Migrate to a fixed release. 6.2.1 Migrate to a fixed release. Migrate to a fixed release. 6.2.2 Migrate to a fixed release. Migrate to a fixed release. 6.2.3 6.2.3.16 (June 2020)\r\nCisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.2.3.16 (June 2020)\r\nCisco_FTD_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_DT-6.2.3.16-3.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_DT-6.2.3.16-3.sh.REL.tar 6.3.0 6.3.0.6 (future release)\r\nCisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.3.0.6 (future release)\r\nCisco_FTD_Hotfix_AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_FP2K_Hotfix_ AO-6.3.0.6-2.sh.REL.tar\r\nCisco_FTD_SSP_Hotfix_ AO-6.3.0.6-2.sh.REL.tar 6.4.0 6.4.0.9 6.4.0.9 6.5.0 Not vulnerable. 6.5.0.5 (future release)\r\nCisco_FTD_Hotfix_H-6.5.0.5-2.sh.REL.tar and later\r\nCisco_FTD_SSP_FP1K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later\r\nCisco_FTD_SSP_FP2K_Hotfix_H-6.5.0.5-2.sh.REL.tar and later\r\nCisco_FTD_SSP_Hotfix_H-6.5.0.5-2.sh.REL.tar and later 6.6.0 Not vulnerable. 6.6.0\r\n1. Cisco FMC and FTD Software releases 6.0.1 and earlier have reached end of software maintenance. Customers are advised to migrate to a supported release that includes the fix for this vulnerability.\r\n\r\nTo upgrade to a fixed release of Cisco FTD Software, customers can do one of the following:\r\n\r\nFor devices that are managed by using Cisco Firepower Management Center (FMC), use the FMC interface to install the upgrade. After installation is complete, reapply the access control policy.\r\nFor devices that are managed by using Cisco Firepower Device Manager (FDM), use the FDM interface to install the upgrade. After installation is complete, reapply the access control policy.",
"title": "Fixed Software"
},
{
"category": "general",
"text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
"title": "Vulnerability Policy"
},
{
"category": "general",
"text": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
"title": "Exploitation and Public Announcements"
},
{
"category": "general",
"text": "This vulnerability was found during internal security testing.",
"title": "Source"
},
{
"category": "legal_disclaimer",
"text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
"title": "Legal Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@cisco.com",
"issuing_authority": "Cisco PSIRT",
"name": "Cisco",
"namespace": "https://wwww.cisco.com"
},
"references": [
{
"category": "self",
"summary": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
},
{
"category": "external",
"summary": "Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication",
"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-73830"
},
{
"category": "external",
"summary": "Cisco Security Vulnerability Policy",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
"url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
},
{
"category": "external",
"summary": "considering software upgrades",
"url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html#fixes"
},
{
"category": "external",
"summary": "Cisco Security Advisories and Alerts page",
"url": "https://www.cisco.com/go/psirt"
},
{
"category": "external",
"summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
"url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
}
],
"title": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"tracking": {
"current_release_date": "2020-06-02T20:53:05+00:00",
"generator": {
"date": "2025-10-13T15:38:51+00:00",
"engine": {
"name": "TVCE"
}
},
"id": "cisco-sa-ftd-dos-N2vQZASR",
"initial_release_date": "2020-05-06T16:00:00+00:00",
"revision_history": [
{
"date": "2020-05-05T16:46:59+00:00",
"number": "1.0.0",
"summary": "Initial public release."
},
{
"date": "2020-05-15T14:47:19+00:00",
"number": "1.1.0",
"summary": "Updated Hot Fixes for FTD releases 6.4.0 and 6.5.0."
},
{
"date": "2020-06-02T20:53:05+00:00",
"number": "1.2.0",
"summary": "Updated fixed release information for FTD Release 6.4.0."
}
],
"status": "final",
"version": "1.2.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "service_pack",
"name": "6.0.1",
"product": {
"name": "6.0.1",
"product_id": "CSAFPID-220206"
}
},
{
"category": "service_pack",
"name": "6.0.1.3",
"product": {
"name": "6.0.1.3",
"product_id": "CSAFPID-227125"
}
},
{
"category": "service_pack",
"name": "6.0.1.1",
"product": {
"name": "6.0.1.1",
"product_id": "CSAFPID-232931"
}
},
{
"category": "service_pack",
"name": "6.0.1.2",
"product": {
"name": "6.0.1.2",
"product_id": "CSAFPID-232932"
}
},
{
"category": "service_pack",
"name": "6.0.1.4",
"product": {
"name": "6.0.1.4",
"product_id": "CSAFPID-232933"
}
}
],
"category": "product_version",
"name": "6.0"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.1.0",
"product": {
"name": "6.1.0",
"product_id": "CSAFPID-223033"
}
},
{
"category": "service_pack",
"name": "6.1.0.2",
"product": {
"name": "6.1.0.2",
"product_id": "CSAFPID-226358"
}
},
{
"category": "service_pack",
"name": "6.1.0.1",
"product": {
"name": "6.1.0.1",
"product_id": "CSAFPID-232920"
}
},
{
"category": "service_pack",
"name": "6.1.0.3",
"product": {
"name": "6.1.0.3",
"product_id": "CSAFPID-232921"
}
},
{
"category": "service_pack",
"name": "6.1.0.4",
"product": {
"name": "6.1.0.4",
"product_id": "CSAFPID-232922"
}
},
{
"category": "service_pack",
"name": "6.1.0.5",
"product": {
"name": "6.1.0.5",
"product_id": "CSAFPID-232923"
}
},
{
"category": "service_pack",
"name": "6.1.0.6",
"product": {
"name": "6.1.0.6",
"product_id": "CSAFPID-232924"
}
},
{
"category": "service_pack",
"name": "6.1.0.7",
"product": {
"name": "6.1.0.7",
"product_id": "CSAFPID-251753"
}
}
],
"category": "product_version",
"name": "6.1"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.2.0",
"product": {
"name": "6.2.0",
"product_id": "CSAFPID-225827"
}
},
{
"category": "service_pack",
"name": "6.2.1",
"product": {
"name": "6.2.1",
"product_id": "CSAFPID-226359"
}
},
{
"category": "service_pack",
"name": "6.2.2",
"product": {
"name": "6.2.2",
"product_id": "CSAFPID-226360"
}
},
{
"category": "service_pack",
"name": "6.2.0.1",
"product": {
"name": "6.2.0.1",
"product_id": "CSAFPID-232925"
}
},
{
"category": "service_pack",
"name": "6.2.0.2",
"product": {
"name": "6.2.0.2",
"product_id": "CSAFPID-232926"
}
},
{
"category": "service_pack",
"name": "6.2.0.3",
"product": {
"name": "6.2.0.3",
"product_id": "CSAFPID-232927"
}
},
{
"category": "service_pack",
"name": "6.2.0.4",
"product": {
"name": "6.2.0.4",
"product_id": "CSAFPID-232928"
}
},
{
"category": "service_pack",
"name": "6.2.2.1",
"product": {
"name": "6.2.2.1",
"product_id": "CSAFPID-232929"
}
},
{
"category": "service_pack",
"name": "6.2.2.2",
"product": {
"name": "6.2.2.2",
"product_id": "CSAFPID-232930"
}
},
{
"category": "service_pack",
"name": "6.2.3",
"product": {
"name": "6.2.3",
"product_id": "CSAFPID-233334"
}
},
{
"category": "service_pack",
"name": "6.2.3.1",
"product": {
"name": "6.2.3.1",
"product_id": "CSAFPID-245396"
}
},
{
"category": "service_pack",
"name": "6.2.3.2",
"product": {
"name": "6.2.3.2",
"product_id": "CSAFPID-245397"
}
},
{
"category": "service_pack",
"name": "6.2.3.3",
"product": {
"name": "6.2.3.3",
"product_id": "CSAFPID-245398"
}
},
{
"category": "service_pack",
"name": "6.2.3.4",
"product": {
"name": "6.2.3.4",
"product_id": "CSAFPID-247893"
}
},
{
"category": "service_pack",
"name": "6.2.3.5",
"product": {
"name": "6.2.3.5",
"product_id": "CSAFPID-247894"
}
},
{
"category": "service_pack",
"name": "6.2.2.3",
"product": {
"name": "6.2.2.3",
"product_id": "CSAFPID-247895"
}
},
{
"category": "service_pack",
"name": "6.2.2.4",
"product": {
"name": "6.2.2.4",
"product_id": "CSAFPID-247896"
}
},
{
"category": "service_pack",
"name": "6.2.0.5",
"product": {
"name": "6.2.0.5",
"product_id": "CSAFPID-247897"
}
},
{
"category": "service_pack",
"name": "6.2.0.6",
"product": {
"name": "6.2.0.6",
"product_id": "CSAFPID-247898"
}
},
{
"category": "service_pack",
"name": "6.2.3.6",
"product": {
"name": "6.2.3.6",
"product_id": "CSAFPID-248816"
}
},
{
"category": "service_pack",
"name": "6.2.0.7",
"product": {
"name": "6.2.0.7",
"product_id": "CSAFPID-251754"
}
},
{
"category": "service_pack",
"name": "6.2.2.5",
"product": {
"name": "6.2.2.5",
"product_id": "CSAFPID-251755"
}
},
{
"category": "service_pack",
"name": "6.2.3.7",
"product": {
"name": "6.2.3.7",
"product_id": "CSAFPID-251756"
}
},
{
"category": "service_pack",
"name": "6.2.3.8",
"product": {
"name": "6.2.3.8",
"product_id": "CSAFPID-251757"
}
},
{
"category": "service_pack",
"name": "6.2.3.10",
"product": {
"name": "6.2.3.10",
"product_id": "CSAFPID-258063"
}
},
{
"category": "service_pack",
"name": "6.2.3.11",
"product": {
"name": "6.2.3.11",
"product_id": "CSAFPID-258064"
}
},
{
"category": "service_pack",
"name": "6.2.3.9",
"product": {
"name": "6.2.3.9",
"product_id": "CSAFPID-258915"
}
},
{
"category": "service_pack",
"name": "6.2.3.12",
"product": {
"name": "6.2.3.12",
"product_id": "CSAFPID-265011"
}
},
{
"category": "service_pack",
"name": "6.2.3.13",
"product": {
"name": "6.2.3.13",
"product_id": "CSAFPID-267675"
}
},
{
"category": "service_pack",
"name": "6.2.3.14",
"product": {
"name": "6.2.3.14",
"product_id": "CSAFPID-267676"
}
},
{
"category": "service_pack",
"name": "6.2.3.15",
"product": {
"name": "6.2.3.15",
"product_id": "CSAFPID-275475"
}
}
],
"category": "product_version",
"name": "6.2"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.3.0",
"product": {
"name": "6.3.0",
"product_id": "CSAFPID-251759"
}
},
{
"category": "service_pack",
"name": "6.3.0.1",
"product": {
"name": "6.3.0.1",
"product_id": "CSAFPID-258065"
}
},
{
"category": "service_pack",
"name": "6.3.0.2",
"product": {
"name": "6.3.0.2",
"product_id": "CSAFPID-258066"
}
},
{
"category": "service_pack",
"name": "6.3.0.3",
"product": {
"name": "6.3.0.3",
"product_id": "CSAFPID-265012"
}
},
{
"category": "service_pack",
"name": "6.3.0.4",
"product": {
"name": "6.3.0.4",
"product_id": "CSAFPID-268603"
}
},
{
"category": "service_pack",
"name": "6.3.0.5",
"product": {
"name": "6.3.0.5",
"product_id": "CSAFPID-276932"
}
}
],
"category": "product_version",
"name": "6.3"
},
{
"branches": [
{
"category": "service_pack",
"name": "6.4.0",
"product": {
"name": "6.4.0",
"product_id": "CSAFPID-265014"
}
},
{
"category": "service_pack",
"name": "6.4.0.1",
"product": {
"name": "6.4.0.1",
"product_id": "CSAFPID-265015"
}
},
{
"category": "service_pack",
"name": "6.4.0.3",
"product": {
"name": "6.4.0.3",
"product_id": "CSAFPID-265950"
}
},
{
"category": "service_pack",
"name": "6.4.0.2",
"product": {
"name": "6.4.0.2",
"product_id": "CSAFPID-268602"
}
},
{
"category": "service_pack",
"name": "6.4.0.4",
"product": {
"name": "6.4.0.4",
"product_id": "CSAFPID-276372"
}
},
{
"category": "service_pack",
"name": "6.4.0.5",
"product": {
"name": "6.4.0.5",
"product_id": "CSAFPID-276373"
}
},
{
"category": "service_pack",
"name": "6.4.0.6",
"product": {
"name": "6.4.0.6",
"product_id": "CSAFPID-276933"
}
},
{
"category": "service_pack",
"name": "6.4.0.7",
"product": {
"name": "6.4.0.7",
"product_id": "CSAFPID-276934"
}
},
{
"category": "service_pack",
"name": "6.4.0.8",
"product": {
"name": "6.4.0.8",
"product_id": "CSAFPID-276935"
}
}
],
"category": "product_version",
"name": "6.4"
}
],
"category": "product_family",
"name": "Cisco Secure Firewall Threat Defense (FTD) Software"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-3255",
"ids": [
{
"system_name": "Cisco Bug ID",
"text": "CSCvo80853"
}
],
"notes": [
{
"category": "other",
"text": "Complete.",
"title": "Affected Product Comprehensiveness"
}
],
"product_status": {
"known_affected": [
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-225827",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232925",
"CSAFPID-232926",
"CSAFPID-232927",
"CSAFPID-232928",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-245396",
"CSAFPID-245397",
"CSAFPID-245398",
"CSAFPID-247893",
"CSAFPID-247894",
"CSAFPID-247895",
"CSAFPID-247896",
"CSAFPID-247897",
"CSAFPID-247898",
"CSAFPID-248816",
"CSAFPID-251753",
"CSAFPID-251754",
"CSAFPID-251755",
"CSAFPID-251756",
"CSAFPID-251757",
"CSAFPID-251759",
"CSAFPID-258063",
"CSAFPID-258064",
"CSAFPID-258065",
"CSAFPID-258066",
"CSAFPID-258915",
"CSAFPID-265011",
"CSAFPID-265012",
"CSAFPID-265014",
"CSAFPID-265015",
"CSAFPID-265950",
"CSAFPID-267675",
"CSAFPID-267676",
"CSAFPID-268602",
"CSAFPID-268603",
"CSAFPID-275475",
"CSAFPID-276372",
"CSAFPID-276373",
"CSAFPID-276932",
"CSAFPID-276933",
"CSAFPID-276934",
"CSAFPID-276935"
]
},
"release_date": "2020-05-06T16:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Cisco has released software updates that address this vulnerability.",
"product_ids": [
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-225827",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232925",
"CSAFPID-232926",
"CSAFPID-232927",
"CSAFPID-232928",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-245396",
"CSAFPID-245397",
"CSAFPID-245398",
"CSAFPID-247893",
"CSAFPID-247894",
"CSAFPID-247895",
"CSAFPID-247896",
"CSAFPID-247897",
"CSAFPID-247898",
"CSAFPID-248816",
"CSAFPID-251753",
"CSAFPID-251754",
"CSAFPID-251755",
"CSAFPID-251756",
"CSAFPID-251757",
"CSAFPID-251759",
"CSAFPID-258063",
"CSAFPID-258064",
"CSAFPID-258065",
"CSAFPID-258066",
"CSAFPID-258915",
"CSAFPID-265011",
"CSAFPID-265012",
"CSAFPID-265014",
"CSAFPID-265015",
"CSAFPID-265950",
"CSAFPID-267675",
"CSAFPID-267676",
"CSAFPID-268602",
"CSAFPID-268603",
"CSAFPID-275475",
"CSAFPID-276372",
"CSAFPID-276373",
"CSAFPID-276932",
"CSAFPID-276933",
"CSAFPID-276934",
"CSAFPID-276935"
],
"url": "https://software.cisco.com"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-220206",
"CSAFPID-223033",
"CSAFPID-225827",
"CSAFPID-226358",
"CSAFPID-226359",
"CSAFPID-226360",
"CSAFPID-227125",
"CSAFPID-232920",
"CSAFPID-232921",
"CSAFPID-232922",
"CSAFPID-232923",
"CSAFPID-232924",
"CSAFPID-232925",
"CSAFPID-232926",
"CSAFPID-232927",
"CSAFPID-232928",
"CSAFPID-232929",
"CSAFPID-232930",
"CSAFPID-232931",
"CSAFPID-232932",
"CSAFPID-232933",
"CSAFPID-233334",
"CSAFPID-245396",
"CSAFPID-245397",
"CSAFPID-245398",
"CSAFPID-247893",
"CSAFPID-247894",
"CSAFPID-247895",
"CSAFPID-247896",
"CSAFPID-247897",
"CSAFPID-247898",
"CSAFPID-248816",
"CSAFPID-251753",
"CSAFPID-251754",
"CSAFPID-251755",
"CSAFPID-251756",
"CSAFPID-251757",
"CSAFPID-251759",
"CSAFPID-258063",
"CSAFPID-258064",
"CSAFPID-258065",
"CSAFPID-258066",
"CSAFPID-258915",
"CSAFPID-265011",
"CSAFPID-265012",
"CSAFPID-265014",
"CSAFPID-265015",
"CSAFPID-265950",
"CSAFPID-267675",
"CSAFPID-267676",
"CSAFPID-268602",
"CSAFPID-268603",
"CSAFPID-275475",
"CSAFPID-276372",
"CSAFPID-276373",
"CSAFPID-276932",
"CSAFPID-276933",
"CSAFPID-276934",
"CSAFPID-276935"
]
}
],
"title": "Cisco ASA and FTD Software UDP Flood Denial of Service Vulnerability"
}
]
}
var-202005-0694
Vulnerability from variot
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0694",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.0.6"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.2.3.16"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0.9"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.3.0"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.10\\(1.3\\)"
},
{
"model": "asa 5505",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5510",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5512-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5515-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5520",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5525-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5540",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5545-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5550",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.4"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.5"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.7"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.9"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.10"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.11"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.12"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.13"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.14"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.2.3.15"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.3.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.3.0.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.3.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.3.0.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.3.0.4"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.3.0.5"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.4"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.5"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.7"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.8"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.10(1.3)"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:asa_5505_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5510_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5512-x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5515-x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5520_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5525-x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5540_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5545-x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:asa_5550_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:firepower_threat_defense_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
}
]
},
"cve": "CVE-2020-3255",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3255",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005206",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-181380",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3255",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2020-3255",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005206",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-3255",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3255",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-005206",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-218",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-181380",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-3255",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181380"
},
{
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "VULHUB",
"id": "VHN-181380"
},
{
"db": "VULMON",
"id": "CVE-2020-3255"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3255",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202005-218",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-181380",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-3255",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181380"
},
{
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"id": "VAR-202005-0694",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-181380"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T21:35:50.278000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-ftd-dos-N2vQZASR",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
},
{
"title": "Cisco Firepower Threat Defense Remediation of resource management error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117820"
},
{
"title": "Cisco: Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-ftd-dos-N2vQZASR"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/05/07/cisco_may_patches/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-400",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181380"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-dos-n2vqzasr"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3255"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3255"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614.2/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/400.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181512"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181380"
},
{
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-181380"
},
{
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
},
{
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-181380"
},
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-218"
},
{
"date": "2020-05-06T17:15:12.667000",
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-12T00:00:00",
"db": "VULHUB",
"id": "VHN-181380"
},
{
"date": "2020-05-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3255"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005206"
},
{
"date": "2020-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-218"
},
{
"date": "2024-11-21T05:30:40.023000",
"db": "NVD",
"id": "CVE-2020-3255"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Firepower Threat Defense Software exhaustion vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005206"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-218"
}
],
"trust": 0.6
}
}
fkie_cve-2020-3255
Vulnerability from fkie_nvd
Published
2020-05-06 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | asa_5505_firmware | 9.10\(1.3\) | |
| cisco | asa_5505 | - | |
| cisco | asa_5510_firmware | 9.10\(1.3\) | |
| cisco | asa_5510 | - | |
| cisco | asa_5512-x_firmware | 9.10\(1.3\) | |
| cisco | asa_5512-x | - | |
| cisco | asa_5515-x_firmware | 9.10\(1.3\) | |
| cisco | asa_5515-x | - | |
| cisco | asa_5520_firmware | 9.10\(1.3\) | |
| cisco | asa_5520 | - | |
| cisco | asa_5525-x_firmware | 9.10\(1.3\) | |
| cisco | asa_5525-x | - | |
| cisco | asa_5540_firmware | 9.10\(1.3\) | |
| cisco | asa_5540 | - | |
| cisco | asa_5545-x_firmware | 9.10\(1.3\) | |
| cisco | asa_5545-x | - | |
| cisco | asa_5550_firmware | 9.10\(1.3\) | |
| cisco | asa_5550 | - | |
| cisco | asa_5555-x_firmware | 9.10\(1.3\) | |
| cisco | asa_5555-x | - | |
| cisco | asa_5580_firmware | 9.10\(1.3\) | |
| cisco | asa_5580 | - | |
| cisco | asa_5585-x_firmware | 9.10\(1.3\) | |
| cisco | asa_5585-x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677",
"versionEndExcluding": "6.2.3.16",
"versionStartIncluding": "6.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06741056-2BFD-4F88-917A-F581F813B69E",
"versionEndExcluding": "6.4.0.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEC2BDDE-4CBD-43C8-BFD9-DD2BE6A20E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC8EC7CF-6207-4A2E-89CE-13A0B2E4BC36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B2408C9-AAE7-48D2-ACEC-1BEE95AC95F9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EAB0DFDC-3111-44BE-ADCC-4F3B984AADB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B94CB6D9-39AA-4EA6-AC1E-2A2B26828AC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BEF25129-A5FE-4B05-BE69-F3D35F7A9F7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C4AD2A96-FF85-4BFD-8B3E-AD2D5D51A6CA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DF9159BA-CBE1-43F4-864C-3CF0B8AE8260",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FB38210-78F2-4414-A4A5-E885F3C9057B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E7F69272-B20B-4467-AA04-3C47AF2C1F58",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63EB7842-7311-4868-906C-13173E6F0149",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "37C822CE-5DCB-4E71-8876-CCC5DC664DAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de procesamiento de paquetes del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a una administraci\u00f3n ineficiente de la memoria. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico IPv4 o IPv6 a trav\u00e9s de un dispositivo afectado. Este tr\u00e1fico necesitar\u00eda coincidir con una acci\u00f3n de bloqueo configurada en una pol\u00edtica de control de acceso. Una explotaci\u00f3n podr\u00eda permitir a un atacante causar una condici\u00f3n de agotamiento de la memoria en el dispositivo afectado, lo que resultar\u00eda en una DoS para el tr\u00e1fico que transita el dispositivo, as\u00ed como un rendimiento lento de la interfaz de administraci\u00f3n. Una vez que se detiene la inundaci\u00f3n, el rendimiento debe volver a los estados anteriores."
}
],
"id": "CVE-2020-3255",
"lastModified": "2024-11-21T05:30:40.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-06T17:15:12.667",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2020-AVI-274
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Cisco Adaptive Security Appliance et Firepower Threat Defense. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Note de l'éditeur :
- les correctifs pour Cisco ASA ne sont pas disponibles pour les versions antérieures à 9.8, l'éditeur recommande de migrer vers une version plus récente ;
- les correctifs pour Cisco FTD ne sont pas disponibles pour les versions antérieures à 6.2.3, l'éditeur recommande de migrer vers une version plus récente.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Firepower Threat Defense | Firepower Threat Defense (FTD) sur la plate-forme Firepower 1000 versions antérieures à 6.4.0.9, 6.5.0.5 et 6.6.0 | ||
| Cisco | Firepower Threat Defense | Firepower Threat Defense (FTD) versions antérieures à 6.2.3.16, 6.3.0.6, 6.4.0.9, 6.5.0.5 et 6.6.0 | ||
| Cisco | Adaptive Security Appliance | Adaptive Security Appliance (ASA) versions antérieures à 9.8.4.20, 9.9.2.67, 9.10.1.39, 9.12.3.9 et 9.13.1.10 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Firepower Threat Defense (FTD) sur la plate-forme Firepower 1000 versions ant\u00e9rieures \u00e0 6.4.0.9, 6.5.0.5 et 6.6.0",
"product": {
"name": "Firepower Threat Defense",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Firepower Threat Defense (FTD) versions ant\u00e9rieures \u00e0 6.2.3.16, 6.3.0.6, 6.4.0.9, 6.5.0.5 et 6.6.0",
"product": {
"name": "Firepower Threat Defense",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Adaptive Security Appliance (ASA) versions ant\u00e9rieures \u00e0 9.8.4.20, 9.9.2.67, 9.10.1.39, 9.12.3.9 et 9.13.1.10",
"product": {
"name": "Adaptive Security Appliance",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nNote de l\u0027\u00e9diteur :\n\n- les correctifs pour Cisco ASA ne sont pas disponibles pour les\n versions ant\u00e9rieures \u00e0 9.8, l\u0027\u00e9diteur recommande de migrer vers une\n version plus r\u00e9cente ;\n- les correctifs pour Cisco FTD ne sont pas disponibles pour les\n versions ant\u00e9rieures \u00e0 6.2.3, l\u0027\u00e9diteur recommande de migrer vers\n une version plus r\u00e9cente.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-3255",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3255"
},
{
"name": "CVE-2020-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3195"
},
{
"name": "CVE-2020-3191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3191"
},
{
"name": "CVE-2020-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3259"
},
{
"name": "CVE-2020-3187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3187"
},
{
"name": "CVE-2020-3179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3179"
},
{
"name": "CVE-2020-3283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3283"
},
{
"name": "CVE-2020-3254",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3254"
},
{
"name": "CVE-2020-3196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3196"
},
{
"name": "CVE-2020-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3189"
},
{
"name": "CVE-2020-3298",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3298"
},
{
"name": "CVE-2020-3125",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3125"
}
],
"initial_release_date": "2020-05-07T00:00:00",
"last_revision_date": "2020-05-07T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asaftd-info-disclose-9eJtycMB du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asaftd-ipv6-67pA658k du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ftd-tls-dos-4v5nmWtZ du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ"
}
],
"reference": "CERTFR-2020-AVI-274",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-05-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco\nAdaptive Security Appliance et Firepower Threat Defense. Certaines\nd\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service\n\u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une atteinte\n\u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asa-ssl-vpn-dos-qY7BHpjN du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ftd-dos-N2vQZASR du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ftd-tls-dos-4v5nmWtZ du 06 mai 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asaftd-path-JE3azWw43 du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asa-ftd-ospf-dos-RhMQY8qx du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ftd-dos-2-sS2h7aWe du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-ftd-dos-Rdpe34sd8 du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asaftd-mgcp-SUqB8VKH du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-asa-kerberos-bypass-96Gghe2sS du 06 mai 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asaftd-ipv6-67pA658k du 06 mai 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 cisco-sa-asaftd-info-disclose-9eJtycMB du 06 mai 2020",
"url": null
}
]
}
cnvd-2020-27776
Vulnerability from cnvd
Title
Cisco Firepower Threat Defense资源管理错误漏洞(CNVD-2020-27776)
Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。
Cisco FTD Software中的数据包处理功能存在资源管理错误漏洞,该漏洞源于低效的内存管理。远程攻击者可通过高频率发送IPv4或IPv6流量利用该漏洞造成拒绝服务。
Severity
高
VLAI Severity ?
Patch Name
Cisco Firepower Threat Defense资源管理错误漏洞(CNVD-2020-27776)的补丁
Patch Description
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。
Cisco FTD Software中的数据包处理功能存在资源管理错误漏洞,该漏洞源于低效的内存管理。远程攻击者可通过高频率发送IPv4或IPv6流量利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR
Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR
Impacted products
| Name | Cisco Firepower Threat Defense (FTD) Software |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-3255"
}
},
"description": "Cisco Firepower Threat Defense\uff08FTD\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002\n\nCisco FTD Software\u4e2d\u7684\u6570\u636e\u5305\u5904\u7406\u529f\u80fd\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4f4e\u6548\u7684\u5185\u5b58\u7ba1\u7406\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u9ad8\u9891\u7387\u53d1\u9001IPv4\u6216IPv6\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-27776",
"openTime": "2020-05-12",
"patchDescription": "Cisco Firepower Threat Defense\uff08FTD\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002\r\n\r\nCisco FTD Software\u4e2d\u7684\u6570\u636e\u5305\u5904\u7406\u529f\u80fd\u5b58\u5728\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u4f4e\u6548\u7684\u5185\u5b58\u7ba1\u7406\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u9ad8\u9891\u7387\u53d1\u9001IPv4\u6216IPv6\u6d41\u91cf\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Cisco Firepower Threat Defense\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2020-27776\uff09\u7684\u8865\u4e01",
"products": {
"product": "Cisco Firepower Threat Defense (FTD) Software"
},
"referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR",
"serverity": "\u9ad8",
"submitTime": "2020-05-07",
"title": "Cisco Firepower Threat Defense\u8d44\u6e90\u7ba1\u7406\u9519\u8bef\u6f0f\u6d1e\uff08CNVD-2020-27776\uff09"
}
gsd-2020-3255
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-3255",
"description": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.",
"id": "GSD-2020-3255"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-3255"
],
"details": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.",
"id": "GSD-2020-3255",
"modified": "2023-12-13T01:22:09.988298Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-05-06T16:00:00-0700",
"ID": "CVE-2020-3255",
"STATE": "PUBLIC",
"TITLE": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Firepower Threat Defense Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
]
},
"source": {
"advisory": "cisco-sa-ftd-dos-N2vQZASR",
"defect": [
[
"CSCvo80853"
]
],
"discovery": "INTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.2.3.16",
"versionStartIncluding": "6.2.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.4.0.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5505_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5510_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5520_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5540_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5550_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5580_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\(1.3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2020-3255"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
"refsource": "CISCO",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-05-12T17:27Z",
"publishedDate": "2020-05-06T17:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…