Details of VAR-202005-0708

ID

VAR-202005-0708

CVE

CVE-2020-3308

TITLE

Cisco Firepower Threat Defense Software Software Digital Signature Verification Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-005220

DESCRIPTION

A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image

Trust: 1.8

sources: NVD: CVE-2020-3308 // JVNDB: JVNDB-2020-005220 // VULHUB: VHN-181433 // VULMON: CVE-2020-3308

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.2	Trust: 1.1
vendor:	cisco	model:	firepower management center	scope:	eq	version:	6.2.3	Trust: 1.1
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.2.2.1	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense software	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	-	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	5.3.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	5.4.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.2	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.3	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.0.1.4	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.2	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.3	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.4	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.5	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.6	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.1.0.7	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.2	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.3	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.4	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.0.5	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.1	Trust: 0.1
vendor:	cisco	model:	firepower threat defense	scope:	eq	version:	6.2.2	Trust: 0.1

sources: VULMON: CVE-2020-3308 // JVNDB: JVNDB-2020-005220 // NVD: CVE-2020-3308

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3308
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3308
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-005220
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202005-212
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-181433
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-3308
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3308
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-005220
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-181433
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3308
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3308
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	3.6
version:	3.0
Trust: 1.0
NVD:	JVNDB-2020-005220
baseSeverity:	MEDIUM
baseScore:	4.9
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181433 // VULMON: CVE-2020-3308 // JVNDB: JVNDB-2020-005220 // CNNVD: CNNVD-202005-212 // NVD: CVE-2020-3308 // NVD: CVE-2020-3308

PROBLEMTYPE DATA

problemtype:

CWE-347

Trust: 1.9

sources: VULHUB: VHN-181433 // JVNDB: JVNDB-2020-005220 // NVD: CVE-2020-3308

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202005-212

TYPE

data forgery

Trust: 0.6

sources: CNNVD: CNNVD-202005-212

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005220

PATCH

title:	cisco-sa-sigbypass-FcvPPCeP	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP	Trust: 0.8
title:	Cisco: Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sigbypass-FcvPPCeP	Trust: 0.1
title:	The Register	url:	https://www.theregister.co.uk/2020/05/07/cisco_may_patches/	Trust: 0.1

sources: VULMON: CVE-2020-3308 // JVNDB: JVNDB-2020-005220

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3308	Trust: 2.6
db:	JVNDB	id:	JVNDB-2020-005220	Trust: 0.8
db:	CNNVD	id:	CNNVD-202005-212	Trust: 0.7
db:	NSFOCUS	id:	47935	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1614	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1614.2	Trust: 0.6
db:	CNVD	id:	CNVD-2020-27102	Trust: 0.1
db:	VULHUB	id:	VHN-181433	Trust: 0.1
db:	VULMON	id:	CVE-2020-3308	Trust: 0.1

sources: VULHUB: VHN-181433 // VULMON: CVE-2020-3308 // JVNDB: JVNDB-2020-005220 // CNNVD: CNNVD-202005-212 // NVD: CVE-2020-3308

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sigbypass-fcvppcep	Trust: 1.9
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3308	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3308	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/47935	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1614/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1614.2/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/347.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/181508	Trust: 0.1

sources: VULHUB: VHN-181433 // VULMON: CVE-2020-3308 // JVNDB: JVNDB-2020-005220 // CNNVD: CNNVD-202005-212 // NVD: CVE-2020-3308

SOURCES

db:	VULHUB	id:	VHN-181433
db:	VULMON	id:	CVE-2020-3308
db:	JVNDB	id:	JVNDB-2020-005220
db:	CNNVD	id:	CNNVD-202005-212
db:	NVD	id:	CVE-2020-3308

LAST UPDATE DATE

2024-08-14T14:03:47.758000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181433	date:	2020-05-12T00:00:00
db:	VULMON	id:	CVE-2020-3308	date:	2020-05-12T00:00:00
db:	JVNDB	id:	JVNDB-2020-005220	date:	2020-06-09T00:00:00
db:	CNNVD	id:	CNNVD-202005-212	date:	2020-08-20T00:00:00
db:	NVD	id:	CVE-2020-3308	date:	2020-05-12T17:22:02.167

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181433	date:	2020-05-06T00:00:00
db:	VULMON	id:	CVE-2020-3308	date:	2020-05-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-005220	date:	2020-06-09T00:00:00
db:	CNNVD	id:	CNNVD-202005-212	date:	2020-05-06T00:00:00
db:	NVD	id:	CVE-2020-3308	date:	2020-05-06T17:15:13.387