Details of VAR-202005-0700

ID

VAR-202005-0700

CVE

CVE-2020-3285

TITLE

Cisco Firepower Threat Defense Input verification vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005200

DESCRIPTION

A vulnerability in the Transport Layer Security version 1.3 (TLS 1.3) policy with URL category functionality for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured TLS 1.3 policy to block traffic for a specific URL. The vulnerability is due to a logic error with Snort handling of the connection with the TLS 1.3 policy and URL category configuration. An attacker could exploit this vulnerability by sending crafted TLS 1.3 connections to an affected device. A successful exploit could allow the attacker to bypass the TLS 1.3 policy and access URLs that are outside the affected device and normally would be dropped. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Information may be tampered with

Trust: 1.8

sources: NVD: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // VULHUB: VHN-181410 // VULMON: CVE-2020-3285

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	lte	version:	6.4.0.8	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.2	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.3	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.4	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.5	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.6	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.7	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.4.0.8	Trust: 0.1

sources: VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // NVD: CVE-2020-3285

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3285
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3285
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-005200
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202005-219
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-181410
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-3285
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3285
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-005200
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-181410
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3285
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3285
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.0
NVD:	JVNDB-2020-005200
baseSeverity:	MEDIUM
baseScore:	5.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181410 // VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // CNNVD: CNNVD-202005-219 // NVD: CVE-2020-3285 // NVD: CVE-2020-3285

PROBLEMTYPE DATA

problemtype:	CWE-693	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-20	Trust: 0.9

sources: VULHUB: VHN-181410 // JVNDB: JVNDB-2020-005200 // NVD: CVE-2020-3285

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-219

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202005-219

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005200

PATCH

title:	cisco-sa-ssl-bypass-O5tGum2n	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n	Trust: 0.8
title:	Cisco: Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-ssl-bypass-O5tGum2n	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2020/05/07/cisco_may_patches/	Trust: 0.1

sources: VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3285	Trust: 2.6
db:	JVNDB	id:	JVNDB-2020-005200	Trust: 0.8
db:	CNNVD	id:	CNNVD-202005-219	Trust: 0.7
db:	NSFOCUS	id:	47260	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1614	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1614.2	Trust: 0.6
db:	VULHUB	id:	VHN-181410	Trust: 0.1
db:	VULMON	id:	CVE-2020-3285	Trust: 0.1

sources: VULHUB: VHN-181410 // VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // CNNVD: CNNVD-202005-219 // NVD: CVE-2020-3285

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ssl-bypass-o5tgum2n	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3285	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3285	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/47260	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1614/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1614.2/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/181547	Trust: 0.1

sources: VULHUB: VHN-181410 // VULMON: CVE-2020-3285 // JVNDB: JVNDB-2020-005200 // CNNVD: CNNVD-202005-219 // NVD: CVE-2020-3285

SOURCES

db:	VULHUB	id:	VHN-181410
db:	VULMON	id:	CVE-2020-3285
db:	JVNDB	id:	JVNDB-2020-005200
db:	CNNVD	id:	CNNVD-202005-219
db:	NVD	id:	CVE-2020-3285

LAST UPDATE DATE

2024-08-14T14:03:47.421000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181410	date:	2021-10-12T00:00:00
db:	VULMON	id:	CVE-2020-3285	date:	2020-05-12T00:00:00
db:	JVNDB	id:	JVNDB-2020-005200	date:	2020-06-09T00:00:00
db:	CNNVD	id:	CNNVD-202005-219	date:	2021-10-13T00:00:00
db:	NVD	id:	CVE-2020-3285	date:	2021-10-12T13:59:44.627

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181410	date:	2020-05-06T00:00:00
db:	VULMON	id:	CVE-2020-3285	date:	2020-05-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-005200	date:	2020-06-09T00:00:00
db:	CNNVD	id:	CNNVD-202005-219	date:	2020-05-06T00:00:00
db:	NVD	id:	CVE-2020-3285	date:	2020-05-06T17:15:12.887