Details of VAR-202010-1042

ID

VAR-202010-1042

CVE

CVE-2020-3577

TITLE

Cisco Firepower Threat Defense Software input verification vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-012502

DESCRIPTION

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could allow the attacker do either of the following: Fill the /ngfw partition on the device: A full /ngfw partition could result in administrators being unable to log in to the device (including logging in through the console port) or the device being unable to boot up correctly. Note: Manual intervention is required to recover from this situation. Customers are advised to contact the Cisco Technical Assistance Center (TAC) to help recover a device in this condition. Cause a process crash: The process crash would cause the device to reload. No manual intervention is necessary to recover the device after the reload. Cisco Firepower Threat Defense (FTD) The software contains an input verification vulnerability.Denial of service (DoS) It may be put into a state

Trust: 1.8

sources: NVD: CVE-2020-3577 // JVNDB: JVNDB-2020-012502 // VULHUB: VHN-181702 // VULMON: CVE-2020-3577

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.6.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.5.0.5	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.10	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.3.0.6	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	eq	version:	cisco firepower threat defense software	Trust: 0.8

sources: JVNDB: JVNDB-2020-012502 // NVD: CVE-2020-3577

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3577
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3577
value:	HIGH
Trust: 1.0
NVD:	CVE-2020-3577
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202010-1174
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181702
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-3577
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3577
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-181702
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

ykramarz@cisco.com:	CVE-2020-3577
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2020-3577
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.0
version:	3.1
Trust: 1.0

sources: VULHUB: VHN-181702 // VULMON: CVE-2020-3577 // JVNDB: JVNDB-2020-012502 // CNNVD: CNNVD-202010-1174 // NVD: CVE-2020-3577 // NVD: CVE-2020-3577

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.1
problemtype:	Incorrect input confirmation (CWE-20) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-181702 // JVNDB: JVNDB-2020-012502 // NVD: CVE-2020-3577

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202010-1174

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202010-1174

PATCH

title:

cisco-sa-ftd-inline-dos-nXqUyEqM

url:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-inline-dos-nXqUyEqM

Trust: 0.8

sources: JVNDB: JVNDB-2020-012502

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3577	Trust: 2.6
db:	JVNDB	id:	JVNDB-2020-012502	Trust: 0.8
db:	CNNVD	id:	CNNVD-202010-1174	Trust: 0.7
db:	NSFOCUS	id:	50199	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.3634	Trust: 0.6
db:	CNVD	id:	CNVD-2020-58767	Trust: 0.1
db:	VULHUB	id:	VHN-181702	Trust: 0.1
db:	VULMON	id:	CVE-2020-3577	Trust: 0.1

sources: VULHUB: VHN-181702 // VULMON: CVE-2020-3577 // JVNDB: JVNDB-2020-012502 // CNNVD: CNNVD-202010-1174 // NVD: CVE-2020-3577

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-inline-dos-nxquyeqm	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3577	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2020.3634/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/50199	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-181702 // VULMON: CVE-2020-3577 // JVNDB: JVNDB-2020-012502 // CNNVD: CNNVD-202010-1174 // NVD: CVE-2020-3577

SOURCES

db:	VULHUB	id:	VHN-181702
db:	VULMON	id:	CVE-2020-3577
db:	JVNDB	id:	JVNDB-2020-012502
db:	CNNVD	id:	CNNVD-202010-1174
db:	NVD	id:	CVE-2020-3577

LAST UPDATE DATE

2024-08-14T14:18:45.229000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181702	date:	2021-10-19T00:00:00
db:	VULMON	id:	CVE-2020-3577	date:	2020-10-23T00:00:00
db:	JVNDB	id:	JVNDB-2020-012502	date:	2021-05-11T06:16:00
db:	CNNVD	id:	CNNVD-202010-1174	date:	2020-11-05T00:00:00
db:	NVD	id:	CVE-2020-3577	date:	2021-10-19T14:46:55.840

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181702	date:	2020-10-21T00:00:00
db:	VULMON	id:	CVE-2020-3577	date:	2020-10-21T00:00:00
db:	JVNDB	id:	JVNDB-2020-012502	date:	2021-05-11T00:00:00
db:	CNNVD	id:	CNNVD-202010-1174	date:	2020-10-21T00:00:00
db:	NVD	id:	CVE-2020-3577	date:	2020-10-21T19:15:18.420