ID

VAR-202005-0693


CVE

CVE-2020-3254


TITLE

Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software exhaustion vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-005205

DESCRIPTION

Multiple vulnerabilities in the Media Gateway Control Protocol (MGCP) inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerabilities are due to inefficient memory management. An attacker could exploit these vulnerabilities by sending crafted MGCP packets through an affected device. An exploit could allow the attacker to cause memory exhaustion resulting in a restart of an affected device, causing a DoS condition for traffic traversing the device. The platform provides features such as highly secure access to data and network resources

Trust: 1.8

sources: NVD: CVE-2020-3254 // JVNDB: JVNDB-2020-005205 // VULHUB: VHN-181379 // VULMON: CVE-2020-3254

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.8.4.7

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.9.2.66

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.4.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.4

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.2.3.16

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5550scope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.10.1.27

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.12

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.2.1

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.6

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.6.4.34

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.8

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5520scope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.3.0.6

Trust: 1.0

vendor:ciscomodel:asa 5510scope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5540scope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.3.0

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:9.10\(1.3\)

Trust: 1.0

vendor:ciscomodel:asa 5505scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5510scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5512-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5515-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5520scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5525-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5540scope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5545-xscope: - version: -

Trust: 0.8

vendor:ciscomodel:asa 5550scope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-005205 // NVD: CVE-2020-3254

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3254
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3254
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-005205
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202005-215
value: HIGH

Trust: 0.6

VULHUB: VHN-181379
value: HIGH

Trust: 0.1

VULMON: CVE-2020-3254
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-3254
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005205
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181379
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3254
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3254
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005205
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181379 // VULMON: CVE-2020-3254 // JVNDB: JVNDB-2020-005205 // CNNVD: CNNVD-202005-215 // NVD: CVE-2020-3254 // NVD: CVE-2020-3254

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-181379 // JVNDB: JVNDB-2020-005205 // NVD: CVE-2020-3254

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-215

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202005-215

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005205

PATCH

title:cisco-sa-asaftd-mgcp-SUqB8VKHurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH

Trust: 0.8

title:Cisco Firepower Threat Defense and Adaptive Security Appliances Software Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117817

Trust: 0.6

title:Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-mgcp-SUqB8VKH

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2020/05/07/cisco_may_patches/

Trust: 0.1

title:Threatposturl:https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/

Trust: 0.1

sources: VULMON: CVE-2020-3254 // JVNDB: JVNDB-2020-005205 // CNNVD: CNNVD-202005-215

EXTERNAL IDS

db:NVDid:CVE-2020-3254

Trust: 2.6

db:JVNDBid:JVNDB-2020-005205

Trust: 0.8

db:CNNVDid:CNNVD-202005-215

Trust: 0.7

db:AUSCERTid:ESB-2020.1615

Trust: 0.6

db:AUSCERTid:ESB-2020.1615.2

Trust: 0.6

db:CNVDid:CNVD-2020-31105

Trust: 0.1

db:VULHUBid:VHN-181379

Trust: 0.1

db:VULMONid:CVE-2020-3254

Trust: 0.1

sources: VULHUB: VHN-181379 // VULMON: CVE-2020-3254 // JVNDB: JVNDB-2020-005205 // CNNVD: CNNVD-202005-215 // NVD: CVE-2020-3254

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-mgcp-suqb8vkh

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-3254

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3254

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.1615/

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-memory-leak-via-mgcp-32193

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1615.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/400.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/181497

Trust: 0.1

url:https://threatpost.com/cisco-fixes-high-severity-flaws-in-firepower-security-software-asa/155568/

Trust: 0.1

sources: VULHUB: VHN-181379 // VULMON: CVE-2020-3254 // JVNDB: JVNDB-2020-005205 // CNNVD: CNNVD-202005-215 // NVD: CVE-2020-3254

SOURCES

db:VULHUBid:VHN-181379
db:VULMONid:CVE-2020-3254
db:JVNDBid:JVNDB-2020-005205
db:CNNVDid:CNNVD-202005-215
db:NVDid:CVE-2020-3254

LAST UPDATE DATE

2024-08-14T13:24:33.641000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181379date:2020-05-12T00:00:00
db:VULMONid:CVE-2020-3254date:2020-05-12T00:00:00
db:JVNDBid:JVNDB-2020-005205date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-215date:2020-05-13T00:00:00
db:NVDid:CVE-2020-3254date:2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db:VULHUBid:VHN-181379date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3254date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005205date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-215date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3254date:2020-05-06T17:15:12.603