Sign-up

ID

VAR-202010-1021


CVE

CVE-2020-3533


TITLE

Cisco Firepower Threat Defense Software exhaustion vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2020-009721

DESCRIPTION

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP. Cisco Firepower Threat Defense (FTD) Software contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be put into a state

Trust: 1.8

sources: NVD: CVE-2020-3533 // JVNDB: JVNDB-2020-009721 // VULHUB: VHN-181658 // VULMON: CVE-2020-3533

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:gteversion:6.6.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.5.0.5

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.3.0.6

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.4.0

Trust: 1.0

vendor:ciscomodel:firepower threat defense softwarescope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-009721 // NVD: CVE-2020-3533

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3533
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3533
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-009721
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202010-1161
value: HIGH

Trust: 0.6

VULHUB: VHN-181658
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3533
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3533
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-009721
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181658
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3533
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3533
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-009721
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181658 // VULMON: CVE-2020-3533 // JVNDB: JVNDB-2020-009721 // CNNVD: CNNVD-202010-1161 // NVD: CVE-2020-3533 // NVD: CVE-2020-3533

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-181658 // JVNDB: JVNDB-2020-009721 // NVD: CVE-2020-3533

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-1161

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202010-1161

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-009721

PATCH
title:cisco-sa-ftd-snmp-dos-R8ENPbOsurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snmp-dos-R8ENPbOs
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-009721

EXTERNAL IDS
db:NVDid:CVE-2020-3533
Trust: 2.6
db:JVNDBid:JVNDB-2020-009721
Trust: 0.8
db:CNNVDid:CNNVD-202010-1161
Trust: 0.7
db:AUSCERTid:ESB-2020.3634
Trust: 0.6
db:NSFOCUSid:50200
Trust: 0.6
db:VULHUBid:VHN-181658
Trust: 0.1
db:VULMONid:CVE-2020-3533
Trust: 0.1
sources:
            
            
            VULHUB: VHN-181658 // 
            
            
            
            VULMON: CVE-2020-3533 // 
            
            
            
            JVNDB: JVNDB-2020-009721 // 
            
            
            
            CNNVD: CNNVD-202010-1161 // 
            
            
            
            NVD: CVE-2020-3533

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-snmp-dos-r8enpbos
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-3533
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3533
Trust: 0.8
url:https://www.auscert.org.au/bulletins/esb-2020.3634/
Trust: 0.6
url:http://www.nsfocus.net/vulndb/50200
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/400.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-181658 // 
            
            
            
            VULMON: CVE-2020-3533 // 
            
            
            
            JVNDB: JVNDB-2020-009721 // 
            
            
            
            CNNVD: CNNVD-202010-1161 // 
            
            
            
            NVD: CVE-2020-3533

SOURCES
db:VULHUBid:VHN-181658
db:VULMONid:CVE-2020-3533
db:JVNDBid:JVNDB-2020-009721
db:CNNVDid:CNNVD-202010-1161
db:NVDid:CVE-2020-3533

LAST UPDATE DATE
2024-08-14T14:18:45.169000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-181658date:2020-10-30T00:00:00
db:VULMONid:CVE-2020-3533date:2020-10-30T00:00:00
db:JVNDBid:JVNDB-2020-009721date:2020-12-02T07:28:34
db:CNNVDid:CNNVD-202010-1161date:2020-11-05T00:00:00
db:NVDid:CVE-2020-3533date:2023-11-07T03:22:52.360

SOURCES RELEASE DATE
db:VULHUBid:VHN-181658date:2020-10-21T00:00:00
db:VULMONid:CVE-2020-3533date:2020-10-21T00:00:00
db:JVNDBid:JVNDB-2020-009721date:2020-12-02T07:28:34
db:CNNVDid:CNNVD-202010-1161date:2020-10-21T00:00:00
db:NVDid:CVE-2020-3533date:2020-10-21T19:15:17.043