ID

VAR-202005-0700


CVE

CVE-2020-3285


TITLE

Cisco Firepower Threat Defense Input verification vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005200

DESCRIPTION

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Information may be tampered with

Trust: 1.8

sources: NVD: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // VULHUB: VHN-181410 // VULMON: CVE-2020-3285

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:lteversion:6.4.0.8

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.4.0

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.1

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.2

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.3

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.4

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.5

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.6

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.7

Trust: 0.1

vendor:ciscomodel:firepower threat defensescope:eqversion:6.4.0.8

Trust: 0.1

sources: VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // NVD: CVE-2020-3285

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3285
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3285
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-005200
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202005-219
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181410
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3285
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3285
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005200
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181410
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3285
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3285
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005200
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181410 // VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // CNNVD: CNNVD-202005-219 // NVD: CVE-2020-3285 // NVD: CVE-2020-3285

PROBLEMTYPE DATA

problemtype:CWE-693

Trust: 1.0

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-20

Trust: 0.9

sources: VULHUB: VHN-181410 // JVNDB: JVNDB-2020-005200 // NVD: CVE-2020-3285

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-219

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202005-219

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005200

PATCH

title:cisco-sa-ssl-bypass-O5tGum2nurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n

Trust: 0.8

title:Cisco: Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ssl-bypass-O5tGum2n

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2020/05/07/cisco_may_patches/

Trust: 0.1

sources: VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200

EXTERNAL IDS

db:NVDid:CVE-2020-3285

Trust: 2.6

db:JVNDBid:JVNDB-2020-005200

Trust: 0.8

db:CNNVDid:CNNVD-202005-219

Trust: 0.7

db:NSFOCUSid:47260

Trust: 0.6

db:AUSCERTid:ESB-2020.1614

Trust: 0.6

db:AUSCERTid:ESB-2020.1614.2

Trust: 0.6

db:VULHUBid:VHN-181410

Trust: 0.1

db:VULMONid:CVE-2020-3285

Trust: 0.1

sources: VULHUB: VHN-181410 // VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // CNNVD: CNNVD-202005-219 // NVD: CVE-2020-3285

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ssl-bypass-o5tgum2n

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-3285

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3285

Trust: 0.8

url:http://www.nsfocus.net/vulndb/47260

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1614/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1614.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/181547

Trust: 0.1

sources: VULHUB: VHN-181410 // VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // CNNVD: CNNVD-202005-219 // NVD: CVE-2020-3285

SOURCES

db:VULHUBid:VHN-181410
db:VULMONid:CVE-2020-3285
db:JVNDBid:JVNDB-2020-005200
db:CNNVDid:CNNVD-202005-219
db:NVDid:CVE-2020-3285

LAST UPDATE DATE

2024-08-14T14:03:47.421000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181410date:2021-10-12T00:00:00
db:VULMONid:CVE-2020-3285date:2020-05-12T00:00:00
db:JVNDBid:JVNDB-2020-005200date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-219date:2021-10-13T00:00:00
db:NVDid:CVE-2020-3285date:2021-10-12T13:59:44.627

SOURCES RELEASE DATE

db:VULHUBid:VHN-181410date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3285date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005200date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-219date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3285date:2020-05-06T17:15:12.887