Details of VAR-202005-0681

ID

VAR-202005-0681

CVE

CVE-2020-3179

TITLE

Cisco Firepower Threat Defense Double release vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005192

DESCRIPTION

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. Cisco Firepower Threat Defense (FTD) The software contains a double release vulnerability.Service operation interruption (DoS) It may be put into a state

Trust: 1.8

sources: NVD: CVE-2020-3179 // JVNDB: JVNDB-2020-005192 // VULHUB: VHN-181304 // VULMON: CVE-2020-3179

AFFECTED PRODUCTS

vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5550	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5550	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.6	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5520	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5520	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5510	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5510	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5540	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.5	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5540	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	101.5\(1.26\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.3.0	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	9.9\(2\)	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5510	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5512-x	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5515-x	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5520	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5525-x	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5540	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5545-x	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa 5550	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.2	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.3	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.3.0.4	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.2	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.3	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.4	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.5	Trust: 0.1
vendor:	cisco	model:	asa 5505	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5505	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5510	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5510	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5520	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5520	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5540	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5540	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5550	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5550	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5580	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5580	scope:	eq	version:	101.5(1.26)	Trust: 0.1
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	9.9(2)	Trust: 0.1
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	101.5(1.26)	Trust: 0.1

sources: VULMON: CVE-2020-3179 // JVNDB: JVNDB-2020-005192 // NVD: CVE-2020-3179

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3179
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3179
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-005192
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202005-202
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181304
value:	HIGH
Trust: 0.1
VULMON:	CVE-2020-3179
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2020-3179
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-005192
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-181304
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3179
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3179
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.0
Trust: 1.0
NVD:	JVNDB-2020-005192
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181304 // VULMON: CVE-2020-3179 // JVNDB: JVNDB-2020-005192 // CNNVD: CNNVD-202005-202 // NVD: CVE-2020-3179 // NVD: CVE-2020-3179

PROBLEMTYPE DATA

problemtype:

CWE-415

Trust: 1.9

sources: VULHUB: VHN-181304 // JVNDB: JVNDB-2020-005192 // NVD: CVE-2020-3179

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-202

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202005-202

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005192

PATCH

title:	cisco-sa-ftd-dos-2-sS2h7aWe	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe	Trust: 0.8
title:	Cisco: Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-dos-2-sS2h7aWe	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2020/05/07/cisco_may_patches/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/	Trust: 0.1

sources: VULMON: CVE-2020-3179 // JVNDB: JVNDB-2020-005192

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3179	Trust: 2.6
db:	JVNDB	id:	JVNDB-2020-005192	Trust: 0.8
db:	CNNVD	id:	CNNVD-202005-202	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.1614.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1614	Trust: 0.6
db:	NSFOCUS	id:	47279	Trust: 0.6
db:	VULHUB	id:	VHN-181304	Trust: 0.1
db:	VULMON	id:	CVE-2020-3179	Trust: 0.1

sources: VULHUB: VHN-181304 // VULMON: CVE-2020-3179 // JVNDB: JVNDB-2020-005192 // CNNVD: CNNVD-202005-202 // NVD: CVE-2020-3179

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-dos-2-ss2h7awe	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3179	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3179	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/47279	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1614/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1614.2/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/415.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/181521	Trust: 0.1
url:	https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/	Trust: 0.1

sources: VULHUB: VHN-181304 // VULMON: CVE-2020-3179 // JVNDB: JVNDB-2020-005192 // CNNVD: CNNVD-202005-202 // NVD: CVE-2020-3179

SOURCES

db:	VULHUB	id:	VHN-181304
db:	VULMON	id:	CVE-2020-3179
db:	JVNDB	id:	JVNDB-2020-005192
db:	CNNVD	id:	CNNVD-202005-202
db:	NVD	id:	CVE-2020-3179

LAST UPDATE DATE

2024-08-14T14:03:47.789000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181304	date:	2020-05-12T00:00:00
db:	VULMON	id:	CVE-2020-3179	date:	2020-05-12T00:00:00
db:	JVNDB	id:	JVNDB-2020-005192	date:	2020-06-09T00:00:00
db:	CNNVD	id:	CNNVD-202005-202	date:	2020-07-28T00:00:00
db:	NVD	id:	CVE-2020-3179	date:	2020-05-12T19:11:56.917

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181304	date:	2020-05-06T00:00:00
db:	VULMON	id:	CVE-2020-3179	date:	2020-05-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-005192	date:	2020-06-09T00:00:00
db:	CNNVD	id:	CNNVD-202005-202	date:	2020-05-06T00:00:00
db:	NVD	id:	CVE-2020-3179	date:	2020-05-06T17:15:11.917