var-202005-0686
Vulnerability from variot
A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0686",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0.9"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0.5"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5505",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5510",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5512-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5515-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5520",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5525-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5540",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5545-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5550",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.4"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.5"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.7"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.8"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.5.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.5.0.3"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.4.0.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5505_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5505_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5510_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5510_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5512-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5515-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5520_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5520_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5525-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5540_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5540_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5545-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5550_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5550_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5555-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5580_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5580_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5585-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3188"
}
]
},
"cve": "CVE-2020-3188",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005188",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-181313",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3188",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005188",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-3188",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3188",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-005188",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-203",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-181313",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-3188",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3188",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-181313",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-3188",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"id": "VAR-202005-0686",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:58:22.310000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-mgmt-interface-dos-fkg4mutu"
},
{
"title": "Cisco: Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-ftd-mgmt-interface-dos-fkg4mutu"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/05/07/cisco_may_patches/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-613",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-mgmt-interface-dos-fkg4mutu"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3188"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3188"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614.2/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181527"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-181313"
},
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"date": "2020-05-06T17:15:12.150000",
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-181313"
},
{
"date": "2020-05-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"date": "2021-08-12T18:18:33.027000",
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"date": "2020-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Firepower Threat Defense Input verification vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.