ID

VAR-202005-0687


CVE

CVE-2020-3189


TITLE

Cisco Firepower Threat Defense Software exhaustion vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-005189

DESCRIPTION

A vulnerability in the VPN System Logging functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak that can deplete system memory over time, which can cause unexpected system behaviors or device crashes. The vulnerability is due to the system memory not being properly freed for a VPN System Logging event generated when a VPN session is created or deleted. An attacker could exploit this vulnerability by repeatedly creating or deleting a VPN tunnel connection, which could leak a small amount of system memory for each logging event. A successful exploit could allow the attacker to cause system memory depletion, which can lead to a systemwide denial of service (DoS) condition. The attacker does not have any control of whether VPN System Logging is configured or not on the device, but it is enabled by default. Cisco Firepower Threat Defense (FTD) Software contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state. The following products and versions are affected: Cisco FTD Software Version 6.2.3.12, Version 6.2.3.13, Version 6.2.3.14, Version 6.2.3.15

Trust: 1.8

sources: NVD: CVE-2020-3189 // JVNDB: JVNDB-2020-005189 // VULHUB: VHN-181314 // VULMON: CVE-2020-3189

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.12

Trust: 1.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.13

Trust: 1.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.14

Trust: 1.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.2.3.15

Trust: 1.1

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9\(2\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.9\(2.55\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9\(2.52\)

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9\(2.21\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5510scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5512-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5515-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5520scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5525-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5540scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5545-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5550scope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5505scope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5505scope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5505scope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5505scope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5510scope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5510scope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5510scope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5510scope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5512-xscope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5515-xscope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5520scope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5520scope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5520scope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5520scope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5525-xscope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5540scope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5540scope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5540scope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5540scope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5545-xscope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5550scope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5550scope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5550scope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5550scope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5555-xscope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5580scope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5580scope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5580scope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5580scope:eqversion:9.9(2.55)

Trust: 0.1

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9(2)

Trust: 0.1

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9(2.21)

Trust: 0.1

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9(2.52)

Trust: 0.1

vendor:ciscomodel:asa 5585-xscope:eqversion:9.9(2.55)

Trust: 0.1

sources: VULMON: CVE-2020-3189 // JVNDB: JVNDB-2020-005189 // NVD: CVE-2020-3189

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3189
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3189
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-005189
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202005-207
value: HIGH

Trust: 0.6

VULHUB: VHN-181314
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3189
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3189
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005189
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181314
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3189
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3189
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005189
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181314 // VULMON: CVE-2020-3189 // JVNDB: JVNDB-2020-005189 // CNNVD: CNNVD-202005-207 // NVD: CVE-2020-3189 // NVD: CVE-2020-3189

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

problemtype:CWE-401

Trust: 1.1

sources: VULHUB: VHN-181314 // JVNDB: JVNDB-2020-005189 // NVD: CVE-2020-3189

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-207

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202005-207

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005189

PATCH

title:cisco-sa-ftd-dos-Rdpe34sd8url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8

Trust: 0.8

title:Cisco Firepower Threat Defense Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117809

Trust: 0.6

title:Cisco: Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ftd-dos-Rdpe34sd8

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2020/05/07/cisco_may_patches/

Trust: 0.1

title:Threatposturl:https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/

Trust: 0.1

sources: VULMON: CVE-2020-3189 // JVNDB: JVNDB-2020-005189 // CNNVD: CNNVD-202005-207

EXTERNAL IDS

db:NVDid:CVE-2020-3189

Trust: 2.6

db:JVNDBid:JVNDB-2020-005189

Trust: 0.8

db:CNNVDid:CNNVD-202005-207

Trust: 0.7

db:AUSCERTid:ESB-2020.1614

Trust: 0.6

db:AUSCERTid:ESB-2020.1614.2

Trust: 0.6

db:VULHUBid:VHN-181314

Trust: 0.1

db:VULMONid:CVE-2020-3189

Trust: 0.1

sources: VULHUB: VHN-181314 // VULMON: CVE-2020-3189 // JVNDB: JVNDB-2020-005189 // CNNVD: CNNVD-202005-207 // NVD: CVE-2020-3189

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-dos-rdpe34sd8

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2020-3189

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3189

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.1614/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1614.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/400.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/181503

Trust: 0.1

sources: VULHUB: VHN-181314 // VULMON: CVE-2020-3189 // JVNDB: JVNDB-2020-005189 // CNNVD: CNNVD-202005-207 // NVD: CVE-2020-3189

SOURCES

db:VULHUBid:VHN-181314
db:VULMONid:CVE-2020-3189
db:JVNDBid:JVNDB-2020-005189
db:CNNVDid:CNNVD-202005-207
db:NVDid:CVE-2020-3189

LAST UPDATE DATE

2024-08-14T14:03:47.693000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181314date:2021-08-12T00:00:00
db:VULMONid:CVE-2020-3189date:2020-05-12T00:00:00
db:JVNDBid:JVNDB-2020-005189date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-207date:2021-08-17T00:00:00
db:NVDid:CVE-2020-3189date:2021-08-12T18:18:10.037

SOURCES RELEASE DATE

db:VULHUBid:VHN-181314date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3189date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005189date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-207date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3189date:2020-05-06T17:15:12.230