ID

VAR-202005-0715


CVE

CVE-2020-3315


TITLE

plural Cisco Vulnerability in leaking resources to the wrong area in the product

Trust: 0.8

sources: JVNDB: JVNDB-2020-005213

DESCRIPTION

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. plural Cisco The product contains a vulnerability related to the leakage of resources to the wrong area.Information may be tampered with. Cisco 3000 Series Industrial Security Appliances, etc. are all products of Cisco in the United States. Cisco 3000 Series Industrial Security Appliances is a 3000 series firewall appliance. Cloud Services Router 1000V Series is a 1000v series cloud service router. Cisco 1000 Series Integrated Services Routers (ISRs) are 1000 series integrated services routers. payload. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5354-1 security@debian.org https://www.debian.org/security/ Markus Koschany February 18, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : snort CVE ID : CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1236 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114 Debian Bug : 1021276 Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or bypass filtering technology on an affected device and ex-filtrate data from a compromised host. For the stable distribution (bullseye), these problems have been fixed in version 2.9.20-0+deb11u1. We recommend that you upgrade your snort packages. For the detailed security status of snort please refer to its security tracker page at: https://security-tracker.debian.org/tracker/snort Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPw/Y5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQRrA/9EQ9kF1LT2fYUGFMyKeCQQFTB8tfIsyz2VUrGUtWlVDKsDVqfEMWa6Zwx rAaFnAPOBi1KNX1laencuphuiDIxLmvA0ShpHKo/R3vY4WXmNwJMjPWNr82oTw8j CEggyfj9i5V1EwZZi0B3L4WP1pCQcJRN6XVB3FJWZScyQFtRH0xO7l9acIV68lTs 9hGDDe2wn5ufHh0sXskZitgYoXfdHjjl3CzFxrmGGDq9KFr8rDIEUnZrm58DCRNL RkDmvxrEEsXGmzQlhT/2ea88aIXgNM4xnDztr3iV1v8JOMb6BwehrH43NgdDb5V8 6xBcHuXOLNI75mca1TQxwUd8PSNo3YK60IbDC2ztcUIIvl1xk8bDFyABb3gKvGoR izKFYej4hNeZb+0HWHsnO9vvP4t6LkKF/iIGNNVNmA9ZJA94ESCfItSozIITqRE2 sJQ43X9uQhX2p/dfeyNoOJDhie0RyZyg0rPxIDNonP1YJ8kTjMMHnRNqGn9MkVYK bNr1/sdLhH0TXvs5XoL9b9YjUPL67hDHL9bHLByOKNSxXrth+TcqFX+eg7Bztn1A vS4Sc2TWCuBa3jdrS9WJiy58aB1sTABRhN+tY4wVs+A9vIr1dKHn4wsB8axmpYDW cyzVbz9Q+fC+gXwDusZccBqfD7rByEFWXflBFI4PDXRrW+NPy8w\xdb5k -----END PGP SIGNATURE-----

Trust: 2.43

sources: NVD: CVE-2020-3315 // JVNDB: JVNDB-2020-005213 // CNVD: CNVD-2020-31112 // VULHUB: VHN-181440 // VULMON: CVE-2020-3315 // PACKETSTORM: 171060

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-31112

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 1.4

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.14.4

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.15

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:2.9.16

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:17.3.1

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:15.2\(7\)e

Trust: 1.0

vendor:ciscomodel:iosscope:eqversion:16.11.2

Trust: 1.0

vendor:ciscomodel:firepower management centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:iosscope: - version: -

Trust: 0.8

vendor:ciscomodel:series integrated services routersscope:eqversion:4000

Trust: 0.6

vendor:ciscomodel:series industrial security appliancesscope:eqversion:3000

Trust: 0.6

vendor:ciscomodel:cloud services router seriesscope:eqversion:1000v

Trust: 0.6

vendor:ciscomodel:integrated services virtual routerscope: - version: -

Trust: 0.6

vendor:ciscomodel:series integrated services routersscope:eqversion:1000

Trust: 0.6

sources: CNVD: CNVD-2020-31112 // JVNDB: JVNDB-2020-005213 // NVD: CVE-2020-3315

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3315
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3315
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2020-005213
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-31112
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202005-214
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181440
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3315
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3315
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005213
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-31112
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-181440
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3315
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3315
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005213
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-31112 // VULHUB: VHN-181440 // VULMON: CVE-2020-3315 // JVNDB: JVNDB-2020-005213 // CNNVD: CNNVD-202005-214 // NVD: CVE-2020-3315 // NVD: CVE-2020-3315

PROBLEMTYPE DATA

problemtype:CWE-668

Trust: 1.9

problemtype:CWE-693

Trust: 1.0

sources: VULHUB: VHN-181440 // JVNDB: JVNDB-2020-005213 // NVD: CVE-2020-3315

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 171060 // CNNVD: CNNVD-202005-214

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202005-214

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005213

PATCH

title:cisco-sa-snort_filepolbypass-m4X5DgOPurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP

Trust: 0.8

title:Patch for Multiple Cisco product strategies to bypass vulnerabilitiesurl:https://www.cnvd.org.cn/patchInfo/show/219789

Trust: 0.6

title:Multiple Cisco Product security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=117816

Trust: 0.6

title:The Registerurl:https://www.theregister.co.uk/2020/05/07/cisco_may_patches/

Trust: 0.2

title:Cisco: Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-snort_filepolbypass-m4X5DgOP

Trust: 0.1

title:Debian CVElist Bug Report Logs: snort: CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114url:https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1773b4dd82d4d83f1431e21300c33475

Trust: 0.1

title:Debian Security Advisories: DSA-5354-1 snort -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=6ecec49445da07dca8fb53a5a107855c

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2020-3315

Trust: 0.1

sources: CNVD: CNVD-2020-31112 // VULMON: CVE-2020-3315 // JVNDB: JVNDB-2020-005213 // CNNVD: CNNVD-202005-214

EXTERNAL IDS

db:NVDid:CVE-2020-3315

Trust: 3.3

db:JVNDBid:JVNDB-2020-005213

Trust: 0.8

db:CNVDid:CNVD-2020-31112

Trust: 0.7

db:AUSCERTid:ESB-2023.1047

Trust: 0.6

db:AUSCERTid:ESB-2020.1620

Trust: 0.6

db:AUSCERTid:ESB-2023.0833

Trust: 0.6

db:CNNVDid:CNNVD-202005-214

Trust: 0.6

db:PACKETSTORMid:171060

Trust: 0.2

db:VULHUBid:VHN-181440

Trust: 0.1

db:VULMONid:CVE-2020-3315

Trust: 0.1

sources: CNVD: CNVD-2020-31112 // VULHUB: VHN-181440 // VULMON: CVE-2020-3315 // JVNDB: JVNDB-2020-005213 // PACKETSTORM: 171060 // CNNVD: CNNVD-202005-214 // NVD: CVE-2020-3315

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-snort_filepolbypass-m4x5dgop

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2020-3315

Trust: 2.1

url:https://www.debian.org/security/2023/dsa-5354

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html

Trust: 1.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3315

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2023.0833

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.1047

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1620/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/668.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2020-3315

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-34749

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1495

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-40114

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3299

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1223

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://security-tracker.debian.org/tracker/snort

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1236

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1494

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1224

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

sources: CNVD: CNVD-2020-31112 // VULHUB: VHN-181440 // VULMON: CVE-2020-3315 // JVNDB: JVNDB-2020-005213 // PACKETSTORM: 171060 // CNNVD: CNNVD-202005-214 // NVD: CVE-2020-3315

CREDITS

Debian

Trust: 0.1

sources: PACKETSTORM: 171060

SOURCES

db:CNVDid:CNVD-2020-31112
db:VULHUBid:VHN-181440
db:VULMONid:CVE-2020-3315
db:JVNDBid:JVNDB-2020-005213
db:PACKETSTORMid:171060
db:CNNVDid:CNNVD-202005-214
db:NVDid:CVE-2020-3315

LAST UPDATE DATE

2024-08-14T12:55:39.140000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-31112date:2020-06-02T00:00:00
db:VULHUBid:VHN-181440date:2023-02-19T00:00:00
db:VULMONid:CVE-2020-3315date:2023-02-19T00:00:00
db:JVNDBid:JVNDB-2020-005213date:2020-06-09T00:00:00
db:CNNVDid:CNNVD-202005-214date:2023-02-21T00:00:00
db:NVDid:CVE-2020-3315date:2023-05-23T13:55:46.380

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-31112date:2020-06-02T00:00:00
db:VULHUBid:VHN-181440date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3315date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005213date:2020-06-09T00:00:00
db:PACKETSTORMid:171060date:2023-02-20T16:53:59
db:CNNVDid:CNNVD-202005-214date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3315date:2020-05-06T17:15:13.823