ID

VAR-202010-1039


CVE

CVE-2020-3565


TITLE

Authentication vulnerabilities in Cisco Firepower Threat Defense software

Trust: 0.8

sources: JVNDB: JVNDB-2020-012500

DESCRIPTION

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Policies on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sending a crafted stream of traffic that matches a policy on which TCP Intercept is configured. A successful exploit could allow the attacker to match on an incorrect policy, which could allow the traffic to be forwarded when it should be dropped. In addition, the traffic could incorrectly be dropped. Cisco Firepower Threat Defense (FTD) software contains an authentication vulnerability. Information may be tampered with.

Trust: 1.8

sources: NVD: CVE-2020-3565 // JVNDB: JVNDB-2020-012500 // VULHUB: VHN-181690 // VULMON: CVE-2020-3565

AFFECTED PRODUCTS

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.5.0.5

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.6.0

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.5.0

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.5.0.4

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.4.0.8

Trust: 1.0

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: eq, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: eq, version: cisco firepower threat defense software

Trust: 0.8

sources: JVNDB: JVNDB-2020-012500 // NVD: CVE-2020-3565

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3565
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3565
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-3565
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202010-1172
value: MEDIUM

Trust: 0.6

VULHUB: VHN-181690
value: MEDIUM

Trust: 0.1

VULMON: CVE-2020-3565
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2020-3565
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-181690
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-3565
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2020-3565
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-181690 // VULMON: CVE-2020-3565 // JVNDB: JVNDB-2020-012500 // CNNVD: CNNVD-202010-1172 // NVD: CVE-2020-3565 // NVD: CVE-2020-3565

PROBLEMTYPE DATA

problemtype: CWE-287

Trust: 1.1

problemtype: CWE-284

Trust: 1.0

problemtype: Improper authentication (CWE-287) [NVD Evaluation]

Trust: 0.8

sources: VULHUB: VHN-181690 // JVNDB: JVNDB-2020-012500 // NVD: CVE-2020-3565

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-1172

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202010-1172

PATCH

title: cisco-sa-tcp-intercept-bypass-xG9M3PbY
url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tcp-intercept-bypass-xG9M3PbY

Trust: 0.8

title: Cisco: Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability
url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-tcp-intercept-bypass-xG9M3PbY

Trust: 0.1

sources: VULMON: CVE-2020-3565 // JVNDB: JVNDB-2020-012500

EXTERNAL IDS

db: NVD, id: CVE-2020-3565

Trust: 2.6

db: JVNDB, id: JVNDB-2020-012500

Trust: 0.8

db: CNNVD, id: CNNVD-202010-1172

Trust: 0.7

db: AUSCERT, id: ESB-2020.3634

Trust: 0.6

db: NSFOCUS, id: 50172

Trust: 0.6

db: VULHUB, id: VHN-181690

Trust: 0.1

db: VULMON, id: CVE-2020-3565

Trust: 0.1

sources: VULHUB: VHN-181690 // VULMON: CVE-2020-3565 // JVNDB: JVNDB-2020-012500 // CNNVD: CNNVD-202010-1172 // NVD: CVE-2020-3565

REFERENCES

url: https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-tcp-intercept-bypass-xg9m3pby

Trust: 1.9

url: https://nvd.nist.gov/vuln/detail/cve-2020-3565

Trust: 1.4

url: https://www.auscert.org.au/bulletins/esb-2020.3634/

Trust: 0.6

url: http://www.nsfocus.net/vulndb/50172

Trust: 0.6

url: https://cwe.mitre.org/data/definitions/287.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-181690 // VULMON: CVE-2020-3565 // JVNDB: JVNDB-2020-012500 // CNNVD: CNNVD-202010-1172 // NVD: CVE-2020-3565

SOURCES

db: VULHUB, id: VHN-181690
db: VULMON, id: CVE-2020-3565
db: JVNDB, id: JVNDB-2020-012500
db: CNNVD, id: CNNVD-202010-1172
db: NVD, id: CVE-2020-3565

LAST UPDATE DATE

2024-08-14T14:18:45.199000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-181690, date: 2020-10-23T00:00:00
db: VULMON, id: CVE-2020-3565, date: 2020-10-23T00:00:00
db: JVNDB, id: JVNDB-2020-012500, date: 2021-05-11T06:16:00
db: CNNVD, id: CNNVD-202010-1172, date: 2020-11-04T00:00:00
db: NVD, id: CVE-2020-3565, date: 2023-11-07T03:22:55.013

SOURCES RELEASE DATE

db: VULHUB, id: VHN-181690, date: 2020-10-21T00:00:00
db: VULMON, id: CVE-2020-3565, date: 2020-10-21T00:00:00
db: JVNDB, id: JVNDB-2020-012500, date: 2021-05-11T00:00:00
db: CNNVD, id: CNNVD-202010-1172, date: 2020-10-21T00:00:00
db: NVD, id: CVE-2020-3565, date: 2020-10-21T19:15:18.137