ID

VAR-202005-0718


CVE

CVE-2020-3334


TITLE

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software exhaustion vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-005134

DESCRIPTION

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect processing of ARP packets received by the management interface of an affected device. An attacker could exploit this vulnerability by sending a series of unicast ARP packets in a short timeframe that would reach the management interface of an affected device. A successful exploit could allow the attacker to consume resources on an affected device, which would prevent the device from sending internal system keepalives and eventually cause the device to reload, resulting in a denial of service (DoS) condition. \. The platform provides features such as highly secure access to data and network resources

Trust: 1.8

sources: NVD: CVE-2020-3334 // JVNDB: JVNDB-2020-005134 // VULHUB: VHN-181459 // VULMON: CVE-2020-3334

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.10

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.10.1.37

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.13.1.2

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.12

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope: - version: -

Trust: 0.8

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-005134 // NVD: CVE-2020-3334

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3334
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3334
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-005134
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202005-196
value: HIGH

Trust: 0.6

VULHUB: VHN-181459
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3334
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3334
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-005134
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181459
severity: MEDIUM
baseScore: 6.1
vectorString: AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3334
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.0
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3334
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.0
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-005134
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181459 // VULMON: CVE-2020-3334 // JVNDB: JVNDB-2020-005134 // CNNVD: CNNVD-202005-196 // NVD: CVE-2020-3334 // NVD: CVE-2020-3334

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

problemtype:CWE-399

Trust: 1.0

sources: VULHUB: VHN-181459 // JVNDB: JVNDB-2020-005134 // NVD: CVE-2020-3334

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202005-196

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202005-196

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005134

PATCH

title:cisco-sa-fp2100-arp-dos-kLdCK8ksurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks

Trust: 0.8

title:Cisco Firepower Threat Defense and Adaptive Security Appliances Software Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=117801

Trust: 0.6

title:Cisco: Cisco Firepower 2100 Series Security Appliances ARP Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-fp2100-arp-dos-kLdCK8ks

Trust: 0.1

sources: VULMON: CVE-2020-3334 // JVNDB: JVNDB-2020-005134 // CNNVD: CNNVD-202005-196

EXTERNAL IDS

db:NVDid:CVE-2020-3334

Trust: 2.6

db:JVNDBid:JVNDB-2020-005134

Trust: 0.8

db:CNNVDid:CNNVD-202005-196

Trust: 0.7

db:AUSCERTid:ESB-2020.1614

Trust: 0.6

db:AUSCERTid:ESB-2020.1614.2

Trust: 0.6

db:CNVDid:CNVD-2020-31114

Trust: 0.1

db:VULHUBid:VHN-181459

Trust: 0.1

db:VULMONid:CVE-2020-3334

Trust: 0.1

sources: VULHUB: VHN-181459 // VULMON: CVE-2020-3334 // JVNDB: JVNDB-2020-005134 // CNNVD: CNNVD-202005-196 // NVD: CVE-2020-3334

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-fp2100-arp-dos-kldck8ks

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-3334

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3334

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2020.1614/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1614.2/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/400.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/181506

Trust: 0.1

sources: VULHUB: VHN-181459 // VULMON: CVE-2020-3334 // JVNDB: JVNDB-2020-005134 // CNNVD: CNNVD-202005-196 // NVD: CVE-2020-3334

SOURCES

db:VULHUBid:VHN-181459
db:VULMONid:CVE-2020-3334
db:JVNDBid:JVNDB-2020-005134
db:CNNVDid:CNNVD-202005-196
db:NVDid:CVE-2020-3334

LAST UPDATE DATE

2024-08-14T14:03:47.511000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181459date:2020-05-15T00:00:00
db:VULMONid:CVE-2020-3334date:2020-05-15T00:00:00
db:JVNDBid:JVNDB-2020-005134date:2020-06-08T00:00:00
db:CNNVDid:CNNVD-202005-196date:2020-05-22T00:00:00
db:NVDid:CVE-2020-3334date:2023-08-16T16:17:07.960

SOURCES RELEASE DATE

db:VULHUBid:VHN-181459date:2020-05-06T00:00:00
db:VULMONid:CVE-2020-3334date:2020-05-06T00:00:00
db:JVNDBid:JVNDB-2020-005134date:2020-06-08T00:00:00
db:CNNVDid:CNNVD-202005-196date:2020-05-06T00:00:00
db:NVDid:CVE-2020-3334date:2020-05-06T17:15:14.010