VAR-202005-0686
Vulnerability from variot - Updated: 2023-12-18 11:58A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0686",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0.9"
},
{
"model": "firepower threat defense",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0.5"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "101.6\\(1.96\\)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.8\\(3\\)"
},
{
"model": "asa 5505",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5510",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5512-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5515-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5520",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5525-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5540",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5545-x",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa 5550",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.4"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.5"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.7"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.8"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.5.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.5.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.5.0.3"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5505",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5510",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5512-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5515-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5520",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5525-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5540",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5545-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5550",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5555-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5580",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "9.8(3)"
},
{
"model": "asa 5585-x",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "101.6(1.96)"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.4.0.9",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5505_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5505_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5510_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5510_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5512-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5515-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5520_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5520_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5525-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5540_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5540_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5545-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5550_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5550_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5555-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5580_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5580_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.8\\(3\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:asa_5585-x_firmware:101.6\\(1.96\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3188"
}
]
},
"cve": "CVE-2020-3188",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005188",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-181313",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3188",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "Low",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005188",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-3188",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3188",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-005188",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-203",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-181313",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-3188",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3188",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-181313",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-3188",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"id": "VAR-202005-0686",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:58:22.310000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-mgmt-interface-dos-fkg4mutu"
},
{
"title": "Cisco: Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-ftd-mgmt-interface-dos-fkg4mutu"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/05/07/cisco_may_patches/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-613",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-mgmt-interface-dos-fkg4mutu"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3188"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3188"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614.2/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181527"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-181313"
},
{
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-181313"
},
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"date": "2020-05-06T17:15:12.150000",
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-181313"
},
{
"date": "2020-05-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3188"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005188"
},
{
"date": "2021-08-12T18:18:33.027000",
"db": "NVD",
"id": "CVE-2020-3188"
},
{
"date": "2020-05-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Firepower Threat Defense Input verification vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005188"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-203"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…