ID

VAR-202010-1034


CVE

CVE-2020-3549


TITLE

Cryptographic strength vulnerabilities in Cisco Firepower Management Center Software and Cisco Firepower Threat Defense Software

Trust: 0.8

sources: JVNDB: JVNDB-2020-009722

DESCRIPTION

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device. The affected device may also be put into a denial-of-service (DoS) state.

Trust: 1.8

sources: NVD: CVE-2020-3549 // JVNDB: JVNDB-2020-009722 // VULHUB: VHN-181674 // VULMON: CVE-2020-3549

AFFECTED PRODUCTS

vendor: cisco, model: firepower management center, scope: lt, version: 6.6.1

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.6.1

Trust: 1.0

vendor: cisco, model: firepower management center, scope: -, version: -

Trust: 0.8

vendor: cisco, model: firepower threat defense software, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2020-009722 // NVD: CVE-2020-3549

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3549
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3549
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-009722
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202010-1159
value: HIGH

Trust: 0.6

VULHUB: VHN-181674
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3549
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3549
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2020-009722
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-181674
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3549
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3549
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-009722
baseSeverity: HIGH
baseScore: 8.1
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181674 // VULMON: CVE-2020-3549 // JVNDB: JVNDB-2020-009722 // CNNVD: CNNVD-202010-1159 // NVD: CVE-2020-3549 // NVD: CVE-2020-3549

PROBLEMTYPE DATA

problemtype: CWE-326

Trust: 1.9

sources: VULHUB: VHN-181674 // JVNDB: JVNDB-2020-009722 // NVD: CVE-2020-3549

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-1159

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-202010-1159

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009722

PATCH

title: cisco-sa-ftdfmc-sft-mitm-tc8AzFs2, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdfmc-sft-mitm-tc8AzFs2

Trust: 0.8

sources: JVNDB: JVNDB-2020-009722

EXTERNAL IDS

db: NVD, id: CVE-2020-3549

Trust: 2.6

db: JVNDB, id: JVNDB-2020-009722

Trust: 0.8

db: CNNVD, id: CNNVD-202010-1159

Trust: 0.7

db: NSFOCUS, id: 50206

Trust: 0.6

db: AUSCERT, id: ESB-2020.3641

Trust: 0.6

db: CNVD, id: CNVD-2021-44679

Trust: 0.1

db: VULHUB, id: VHN-181674

Trust: 0.1

db: VULMON, id: CVE-2020-3549

Trust: 0.1

sources: VULHUB: VHN-181674 // VULMON: CVE-2020-3549 // JVNDB: JVNDB-2020-009722 // CNNVD: CNNVD-202010-1159 // NVD: CVE-2020-3549

REFERENCES

url: https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftdfmc-sft-mitm-tc8azfs2

Trust: 1.8

url: https://nvd.nist.gov/vuln/detail/cve-2020-3549

Trust: 1.4

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3549

Trust: 0.8

url: http://www.nsfocus.net/vulndb/50206

Trust: 0.6

url: https://www.auscert.org.au/bulletins/esb-2020.3641/

Trust: 0.6

url: https://cwe.mitre.org/data/definitions/326.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-181674 // VULMON: CVE-2020-3549 // JVNDB: JVNDB-2020-009722 // CNNVD: CNNVD-202010-1159 // NVD: CVE-2020-3549

SOURCES

db: VULHUB, id: VHN-181674
db: VULMON, id: CVE-2020-3549
db: JVNDB, id: JVNDB-2020-009722
db: CNNVD, id: CNNVD-202010-1159
db: NVD, id: CVE-2020-3549

LAST UPDATE DATE

2024-08-14T15:17:25.259000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-181674, date: 2020-10-30T00:00:00
db: VULMON, id: CVE-2020-3549, date: 2020-10-30T00:00:00
db: JVNDB, id: JVNDB-2020-009722, date: 2020-12-02T07:28:35
db: CNNVD, id: CNNVD-202010-1159, date: 2020-11-05T00:00:00
db: NVD, id: CVE-2020-3549, date: 2020-10-30T13:21:24.673

SOURCES RELEASE DATE

db: VULHUB, id: VHN-181674, date: 2020-10-21T00:00:00
db: VULMON, id: CVE-2020-3549, date: 2020-10-21T00:00:00
db: JVNDB, id: JVNDB-2020-009722, date: 2020-12-02T07:28:35
db: CNNVD, id: CNNVD-202010-1159, date: 2020-10-21T00:00:00
db: NVD, id: CVE-2020-3549, date: 2020-10-21T19:15:17.123