ID

VAR-202005-0686


CVE

CVE-2020-3188


TITLE

Cisco Firepower Threat Defense Input verification vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005188

DESCRIPTION

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state

Trust: 1.8

sources: NVD: CVE-2020-3188 // JVNDB: JVNDB-2020-005188 // VULHUB: VHN-181313 // VULMON: CVE-2020-3188

AFFECTED PRODUCTS

vendor:ciscomodel:asa 5525-xscope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.9

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.4.0

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.5.0.5

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:101.6\(1.96\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.8\(3\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5510scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5512-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5515-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5520scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5525-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5540scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5545-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5550scope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.1

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.2

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.3

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.4

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.5

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.6

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.7

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.8

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.5.0

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.5.0.2

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.5.0.3

Trust: 0.1

vendor:ciscomodel:asa 5505scope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5505scope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5510scope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5510scope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5512-xscope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5512-xscope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5515-xscope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5515-xscope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5520scope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5520scope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5525-xscope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5525-xscope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5540scope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5540scope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5545-xscope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5545-xscope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5550scope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5550scope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5555-xscope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5555-xscope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5580scope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5580scope:eqversion:101.6(1.96)

Trust: 0.1

vendor:ciscomodel:asa 5585-xscope:eqversion:9.8(3)

Trust: 0.1

vendor:ciscomodel:asa 5585-xscope:eqversion:101.6(1.96)

Trust: 0.1

sources: VULMON: CVE-2020-3188 // JVNDB: JVNDB-2020-005188 // NVD: CVE-2020-3188

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3188
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3188
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-005188
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202005-203
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181313
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3188
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3188
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005188
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181313
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3188
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3188
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005188
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181313 // VULMON: CVE-2020-3188 // JVNDB: JVNDB-2020-005188 // CNNVD: CNNVD-202005-203 // NVD: CVE-2020-3188 // NVD: CVE-2020-3188

PROBLEMTYPE DATA

problemtype:CWE-613

Trust: 1.1

problemtype:CWE-399

Trust: 1.0

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-181313 // JVNDB: JVNDB-2020-005188 // NVD: CVE-2020-3188

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-203

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202005-203

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005188

PATCH

title:cisco-sa-ftd-mgmt-interface-dos-FkG4MuTUurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU

Trust: 0.8

title:Cisco: Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2020/05/07/cisco_may_patches/

Trust: 0.1

sources: VULMON: CVE-2020-3188 // JVNDB: JVNDB-2020-005188

EXTERNAL IDS

db:NVDid:CVE-2020-3188

Trust: 2.6

db:JVNDBid:JVNDB-2020-005188

Trust: 0.8

db:CNNVDid:CNNVD-202005-203

Trust: 0.7

db:AUSCERTid:ESB-2020.1614

Trust: 0.6

db:AUSCERTid:ESB-2020.1614.2

Trust: 0.6

db:VULHUBid:VHN-181313

Trust: 0.1

db:VULMONid:CVE-2020-3188

Trust: 0.1

sources: VULHUB: VHN-181313 // VULMON: CVE-2020-3188 // JVNDB: JVNDB-2020-005188 // CNNVD: CNNVD-202005-203 // NVD: CVE-2020-3188

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-mgmt-interface-dos-fkg4mutu

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2020-3188

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3188

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.1614/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1614.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/181527

Trust: 0.1

sources: VULHUB: VHN-181313 // VULMON: CVE-2020-3188 // JVNDB: JVNDB-2020-005188 // CNNVD: CNNVD-202005-203 // NVD: CVE-2020-3188

SOURCES

db:VULHUBid:VHN-181313
db:VULMONid:CVE-2020-3188
db:JVNDBid:JVNDB-2020-005188
db:CNNVDid:CNNVD-202005-203
db:NVDid:CVE-2020-3188

LAST UPDATE DATE

2024-08-14T14:03:47.390000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181313date:2021-08-12T00:00:00
db:VULMONid:CVE-2020-3188date:2020-05-12T00:00:00
db:JVNDBid:JVNDB-2020-005188date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-203date:2020-05-15T00:00:00
db:NVDid:CVE-2020-3188date:2021-08-12T18:18:33.027

SOURCES RELEASE DATE

db:VULHUBid:VHN-181313date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3188date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005188date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-203date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3188date:2020-05-06T17:15:12.150