Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-ASAFTD-FTPBYPASS-HY3UTXYU
HistoryOct 21, 2020 - 4:00 p.m.

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability

2020-10-2116:00:00
tools.cisco.com
34
cisco
adaptive security appliance
firepower threat defense
ftp inspection
vulnerability
software update
ssl/tls
denial of service

EPSS

0.001

Percentile

47.9%

JSON

Update from October 22nd, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software [“#fs”] section of this advisory. See the Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy”] for additional information.

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection.

The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu”]

Affected configurations

Vulners
Node
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.12
OR
ciscofirepower_2100_firmwareMatchany
OR
ciscoasa_5500-x_series_ips_ssp_softwareMatchany
OR
ciscoindustrial_security_appliances_3000_firmwareMatchany
OR
ciscofirepower_9000_firmwareMatchany
OR
ciscofirepower_4100_next-generation_firewall_firmwareMatchany
OR
ciscoadaptive_security_virtual_applianceMatchany
OR
ciscofirepower_threat_defense_softwareMatchany
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8.2.14
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8.2.15
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8.2.17
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8.2.20
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8.2.28
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.12.3.9
OR
ciscoadaptive_security_appliance_softwareMatch2100_series
OR
ciscoasaMatch5500-x_series_firewalls
OR
ciscoadaptive_security_appliance_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscoadaptive_security_appliance_softwareMatch9000_series
OR
ciscoadaptive_security_appliance_softwareMatch4100_series
OR
ciscoadaptive_security_virtual_applianceMatchany
OR
ciscofirepower_threat_defense_softwareMatchany
OR
ciscoadaptive_security_appliance_softwareMatch3000_series_industrial_security_appliances_\(isa\)
OR
ciscoadaptive_security_appliance_softwareMatch4100_series
OR
ciscoasaMatch5500-x_series_firewalls
OR
ciscoadaptive_security_appliance_softwareMatch9000_series
OR
ciscocisco_adaptive_security_appliance_\(asa\)_softwareMatch9.8.2.28_when_installed_on_cisco_adaptive_security_virtual_appliance_\(asav\)
OR
ciscoadaptive_security_appliance_softwareMatch2100_series
VendorProductVersionCPE
ciscocisco_adaptive_security_appliance_\(asa\)_software9.8cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.8:*:*:*:*:*:*:*
ciscocisco_adaptive_security_appliance_\(asa\)_software9.12cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.12:*:*:*:*:*:*:*
ciscofirepower_2100_firmwareanycpe:2.3:o:cisco:firepower_2100_firmware:any:*:*:*:*:*:*:*
ciscoasa_5500-x_series_ips_ssp_softwareanycpe:2.3:a:cisco:asa_5500-x_series_ips_ssp_software:any:*:*:*:*:*:*:*
ciscoindustrial_security_appliances_3000_firmwareanycpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:any:*:*:*:*:*:*:*
ciscofirepower_9000_firmwareanycpe:2.3:o:cisco:firepower_9000_firmware:any:*:*:*:*:*:*:*
ciscofirepower_4100_next-generation_firewall_firmwareanycpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:any:*:*:*:*:*:*:*
ciscoadaptive_security_virtual_applianceanycpe:2.3:a:cisco:adaptive_security_virtual_appliance:any:*:*:*:*:*:*:*
ciscofirepower_threat_defense_softwareanycpe:2.3:a:cisco:firepower_threat_defense_software:any:*:*:*:*:*:*:*
ciscocisco_adaptive_security_appliance_\(asa\)_software9.8.2.14cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:9.8.2.14:*:*:*:*:*:*:*
Rows per page:
1-10 of 211

Related

nessus 2
prion 1
cve 1
cvelist 1
nvd 1
nessus
nessus
Cisco Firepower Threat Defense (FTD) Software FTP Inspection Bypass Vulnerability (cisco-sa-asaftd-ftpbypass-HY3UTxYu)
2022-08-23 00:00:00
Cisco Adaptive Security Appliance (ASA) Software FTP Inspection Bypass Vulnerability (cisco-sa-asaftd-ftpbypass-HY3UTxYu)
2022-08-23 00:00:00
prion
prion
Design/Logic Flaw
2020-10-21 19:15:00
cve
cve
CVE-2020-3564
2020-10-21 19:15:18
cvelist
cvelist
CVE-2020-3564 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability
2020-10-21 18:40:58
nvd
nvd
CVE-2020-3564
2020-10-21 19:15:18

EPSS

0.001

Percentile

47.9%

JSON
Related for CISCO-SA-ASAFTD-FTPBYPASS-HY3UTXYU
nessus2prion1cve1cvelist1nvd1