VAR-202005-0700
Vulnerability from variot - Updated: 2023-12-18 11:58A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Information may be tampered with
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202005-0700",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "firepower threat defense",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0.8"
},
{
"model": "firepower threat defense",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "firepower threat defense software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.1"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.2"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.3"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.4"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.5"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.6"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.7"
},
{
"model": "firepower threat defense",
"scope": "eq",
"trust": 0.1,
"vendor": "cisco",
"version": "6.4.0.8"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.4.0.8",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3285"
}
]
},
"cve": "CVE-2020-3285",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005200",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-181410",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-3285",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "ykramarz@cisco.com",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2020-005200",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-3285",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2020-3285",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2020-005200",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202005-219",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-181410",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2020-3285",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181410"
},
{
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Information may be tampered with",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "VULHUB",
"id": "VHN-181410"
},
{
"db": "VULMON",
"id": "CVE-2020-3285"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-3285",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202005-219",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "47260",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1614.2",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-181410",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2020-3285",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181410"
},
{
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
]
},
"id": "VAR-202005-0700",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-181410"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:58:22.807000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-ssl-bypass-O5tGum2n",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ssl-bypass-o5tgum2n"
},
{
"title": "Cisco: Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-ssl-bypass-o5tgum2n"
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2020/05/07/cisco_may_patches/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181410"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ssl-bypass-o5tgum2n"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-3285"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3285"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47260"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1614.2/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/181547"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-181410"
},
{
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-181410"
},
{
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-06T00:00:00",
"db": "VULHUB",
"id": "VHN-181410"
},
{
"date": "2020-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"date": "2020-05-06T17:15:12.887000",
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"date": "2020-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-12T00:00:00",
"db": "VULHUB",
"id": "VHN-181410"
},
{
"date": "2020-05-12T00:00:00",
"db": "VULMON",
"id": "CVE-2020-3285"
},
{
"date": "2020-06-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-005200"
},
{
"date": "2021-10-12T13:59:44.627000",
"db": "NVD",
"id": "CVE-2020-3285"
},
{
"date": "2021-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Firepower Threat Defense Input verification vulnerabilities in software",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-005200"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202005-219"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…