Lucene search

CiscoCVE-2020-3334

HistoryMay 06, 2020 - 5:15 p.m.

CVE-2020-3334

2020-05-0617:15:14

CWE-400

CWE-399

cisco

web.nvd.nist.gov

cisco

asa

ftd

arp

vulnerability

denial of service

nvd

cve-2020-3334

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareRange9.10–9.10.1.37

ciscoadaptive_security_appliance_softwareRange9.12–9.12.3

ciscoadaptive_security_appliance_softwareRange9.13–9.13.1.2

Node

ciscofirepower_threat_defenseRange<6.6.0

AND

ciscofirepower_2110Match-

ciscofirepower_2120Match-

ciscofirepower_2130Match-

ciscofirepower_2140Match-

VendorProductVersionCPE
ciscoadaptive_security_appliance_software*cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
ciscofirepower_threat_defense*cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
ciscofirepower_2110-cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*
ciscofirepower_2120-cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*
ciscofirepower_2130-cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*
ciscofirepower_2140-cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	*	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
cisco	firepower_threat_defense	*	cpe:2.3:a:cisco:firepower_threat_defense::::::::
cisco	firepower_2110	-	cpe:2.3:h:cisco:firepower_2110:-:::::::*
cisco	firepower_2120	-	cpe:2.3:h:cisco:firepower_2120:-:::::::*
cisco	firepower_2130	-	cpe:2.3:h:cisco:firepower_2130:-:::::::*
cisco	firepower_2140	-	cpe:2.3:h:cisco:firepower_2140:-:::::::*

CNA Affected

[
  {
    "product": "Cisco Adaptive Security Appliance (ASA) Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks

CVSS2

6.1

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.001

Percentile

25.0%

JSON

Related for CVE-2020-3334