Lucene search

[email protected]NVD:CVE-2020-3571

HistoryOct 21, 2020 - 7:15 p.m.

CVE-2020-3571

2020-10-2119:15:18

CWE-20

CWE-400

[email protected]

web.nvd.nist.gov

vulnerability

cisco firepower

denial of service

remote attacker

icmp processing

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload.

Affected configurations

Nvd

Node

ciscofirepower_threat_defenseRange6.3.0–6.3.0.6

ciscofirepower_threat_defenseRange6.4.0–6.4.0.10

ciscofirepower_threat_defenseRange6.5.0–6.5.0.5

AND

ciscofirepower_4110Match-

ciscofirepower_4112Match-

ciscofirepower_4115Match-

ciscofirepower_4120Match-

ciscofirepower_4125Match-

ciscofirepower_4140Match-

ciscofirepower_4145Match-

ciscofirepower_4150Match-

VendorProductVersionCPE
ciscofirepower_threat_defense*cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
ciscofirepower_4110-cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*
ciscofirepower_4112-cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*
ciscofirepower_4115-cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*
ciscofirepower_4120-cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*
ciscofirepower_4125-cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*
ciscofirepower_4140-cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*
ciscofirepower_4145-cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*
ciscofirepower_4150-cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	firepower_threat_defense	*	cpe:2.3:a:cisco:firepower_threat_defense::::::::
cisco	firepower_4110	-	cpe:2.3:h:cisco:firepower_4110:-:::::::*
cisco	firepower_4112	-	cpe:2.3:h:cisco:firepower_4112:-:::::::*
cisco	firepower_4115	-	cpe:2.3:h:cisco:firepower_4115:-:::::::*
cisco	firepower_4120	-	cpe:2.3:h:cisco:firepower_4120:-:::::::*
cisco	firepower_4125	-	cpe:2.3:h:cisco:firepower_4125:-:::::::*
cisco	firepower_4140	-	cpe:2.3:h:cisco:firepower_4140:-:::::::*
cisco	firepower_4145	-	cpe:2.3:h:cisco:firepower_4145:-:::::::*
cisco	firepower_4150	-	cpe:2.3:h:cisco:firepower_4150:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS

0.002

Percentile

52.7%

JSON

Related for NVD:CVE-2020-3571

cve1 cvelist1 nessus1 prion1 cisco1 threatpost1