Lucene search

CiscoCVELIST:CVE-2020-3317

HistoryOct 21, 2020 - 6:36 p.m.

CVE-2020-3317 Cisco Firepower Threat Defense Software SSL Input Validation Denial of Service Vulnerability

2020-10-2118:36:43

CWE-20

cisco

www.cve.org

cisco firepower threat defense

ssl input validation

denial of service

vulnerability

snort

tls packet

cisco adaptive security appliance

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

EPSS

0.002

Percentile

52.6%

JSON

A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances. The vulnerability is due to insufficient input validation in the ssl_inspection component. An attacker could exploit this vulnerability by sending a malformed TLS packet through a Cisco Adaptive Security Appliance (ASA). A successful exploit could allow the attacker to crash a Snort instance, resulting in a denial of service (DoS) condition.

CNA Affected

[
  {
    "product": "Cisco Firepower Threat Defense Software",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-mf3822Z

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

EPSS

0.002

Percentile

52.6%

JSON

Related for CVELIST:CVE-2020-3317