cve-2020-3255
Vulnerability from cvelistv5
Published
2020-05-06 00:00
Modified
2024-08-04 07:30
Severity
7.5 (High) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability
References
SourceURLTags
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASRVendor Advisory
Impacted products
VendorProduct
CiscoCisco Firepower Threat Defense Software
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:30:58.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Firepower Threat Defense Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-06T16:41:44",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ftd-dos-N2vQZASR",
        "defect": [
          [
            "CSCvo80853"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-05-06T16:00:00-0700",
          "ID": "CVE-2020-3255",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Firepower Threat Defense Software ",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ftd-dos-N2vQZASR",
          "defect": [
            [
              "CSCvo80853"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3255",
    "datePublished": "2020-05-06T00:00:00",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-08-04T07:30:58.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-3255\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2020-05-06T17:15:12.667\",\"lastModified\":\"2020-05-12T17:27:58.960\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad de procesamiento de paquetes del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a una administraci\u00f3n ineficiente de la memoria. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico IPv4 o IPv6 a trav\u00e9s de un dispositivo afectado. Este tr\u00e1fico necesitar\u00eda coincidir con una acci\u00f3n de bloqueo configurada en una pol\u00edtica de control de acceso. Una explotaci\u00f3n podr\u00eda permitir a un atacante causar una condici\u00f3n de agotamiento de la memoria en el dispositivo afectado, lo que resultar\u00eda en una DoS para el tr\u00e1fico que transita el dispositivo, as\u00ed como un rendimiento lento de la interfaz de administraci\u00f3n. Una vez que se detiene la inundaci\u00f3n, el rendimiento debe volver a los estados anteriores.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.3\",\"versionEndExcluding\":\"6.2.3.16\",\"matchCriteriaId\":\"C4B2E5D3-ED34-4A7E-BD8F-8492B6737677\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3.0\",\"versionEndExcluding\":\"6.3.0.6\",\"matchCriteriaId\":\"9D27DE97-510A-4761-8184-6940745B54E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.4.0\",\"versionEndExcluding\":\"6.4.0.9\",\"matchCriteriaId\":\"06741056-2BFD-4F88-917A-F581F813B69E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5505_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEC2BDDE-4CBD-43C8-BFD9-DD2BE6A20E91\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5510_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC8EC7CF-6207-4A2E-89CE-13A0B2E4BC36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B091B9BA-D4CA-435B-8D66-602B45F0E0BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B2408C9-AAE7-48D2-ACEC-1BEE95AC95F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08F0F160-DAD2-48D4-B7B2-4818B2526F35\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB0DFDC-3111-44BE-ADCC-4F3B984AADB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"977D597B-F6DE-4438-AB02-06BE64D71EBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5520_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B94CB6D9-39AA-4EA6-AC1E-2A2B26828AC7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B387F62-6341-434D-903F-9B72E7F84ECB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF25129-A5FE-4B05-BE69-F3D35F7A9F7C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB71EB29-0115-4307-A9F7-262394FD9FB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5540_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4AD2A96-FF85-4BFD-8B3E-AD2D5D51A6CA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17C5A524-E1D9-480F-B655-0680AA5BF720\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF9159BA-CBE1-43F4-864C-3CF0B8AE8260\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57179F60-E330-4FF0-9664-B1E4637FF210\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5550_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FB38210-78F2-4414-A4A5-E885F3C9057B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6287D95-F564-44B7-A0F9-91396D7C2C4E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7F69272-B20B-4467-AA04-3C47AF2C1F58\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5535C936-391B-4619-AA03-B35265FC15D7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5580_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63EB7842-7311-4868-906C-13173E6F0149\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E828B8-5ECC-4A09-B2AD-DEDC558713DE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\\\\(1.3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37C822CE-5DCB-4E71-8876-CCC5DC664DAD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16AE20C2-C77E-4E04-BF13-A48696E52426\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.