ID
VAR-202010-1046
CVE
CVE-2020-3563
TITLE
Cisco Firepower Threat Defense Resource depletion vulnerability in software
Trust: 0.8
sources:
JVNDB: JVNDB-2020-012499
DESCRIPTION
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded
Trust: 1.8
sources:
NVD: CVE-2020-3563 //
JVNDB: JVNDB-2020-012499 //
VULHUB: VHN-181688 //
VULMON: CVE-2020-3563
AFFECTED PRODUCTS
| vendor: | cisco | model: | firepower threat defense | scope: | lt | version: | 6.5.0.5 | Trust: 1.0 |
| vendor: | cisco | model: | firepower threat defense | scope: | gte | version: | 6.3.0 | Trust: 1.0 |
| vendor: | cisco | model: | firepower threat defense | scope: | gte | version: | 6.5.0 | Trust: 1.0 |
| vendor: | cisco | model: | firepower threat defense | scope: | lt | version: | 6.4.0.10 | Trust: 1.0 |
| vendor: | cisco | model: | firepower threat defense | scope: | lt | version: | 6.3.0.6 | Trust: 1.0 |
| vendor: | cisco | model: | firepower threat defense | scope: | gte | version: | 6.4.0 | Trust: 1.0 |
| vendor: | シスコシステムズ | model: | cisco firepower threat defense ソフトウェア | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | シスコシステムズ | model: | cisco firepower threat defense ソフトウェア | scope: | eq | version: | cisco firepower threat defense software | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-012499 //
NVD: CVE-2020-3563
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULHUB: VHN-181688 //
VULMON: CVE-2020-3563 //
JVNDB: JVNDB-2020-012499 //
CNNVD: CNNVD-202010-1169 //
NVD: CVE-2020-3563 //
NVD: CVE-2020-3563
PROBLEMTYPE DATA
| problemtype: | CWE-400 | Trust: 1.1 |
| problemtype: | Resource exhaustion (CWE-400) [NVD Evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-181688 //
JVNDB: JVNDB-2020-012499 //
NVD: CVE-2020-3563
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202010-1169
TYPE
resource management error
Trust: 0.6
sources:
CNNVD: CNNVD-202010-1169
PATCH
| title: | cisco-sa-ftd-tcp-dos-GDcZDqAf | url: | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf | Trust: 0.8 |
sources:
JVNDB: JVNDB-2020-012499
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-3563 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2020-012499 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202010-1169 | Trust: 0.7 |
| db: | NSFOCUS | id: | 50194 | Trust: 0.6 |
| db: | AUSCERT | id: | ESB-2020.3634 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-181688 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2020-3563 | Trust: 0.1 |
sources:
VULHUB: VHN-181688 //
VULMON: CVE-2020-3563 //
JVNDB: JVNDB-2020-012499 //
CNNVD: CNNVD-202010-1169 //
NVD: CVE-2020-3563
REFERENCES
| url: | https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-tcp-dos-gdczdqaf | Trust: 1.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-3563 | Trust: 1.4 |
| url: | https://www.auscert.org.au/bulletins/esb-2020.3634/ | Trust: 0.6 |
| url: | http://www.nsfocus.net/vulndb/50194 | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/400.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-181688 //
VULMON: CVE-2020-3563 //
JVNDB: JVNDB-2020-012499 //
CNNVD: CNNVD-202010-1169 //
NVD: CVE-2020-3563
SOURCES
| db: | VULHUB | id: | VHN-181688 |
| db: | VULMON | id: | CVE-2020-3563 |
| db: | JVNDB | id: | JVNDB-2020-012499 |
| db: | CNNVD | id: | CNNVD-202010-1169 |
| db: | NVD | id: | CVE-2020-3563 |
LAST UPDATE DATE
2024-08-14T14:18:45.286000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-181688 | date: | 2020-10-23T00:00:00 |
| db: | VULMON | id: | CVE-2020-3563 | date: | 2020-10-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-012499 | date: | 2021-05-11T06:16:00 |
| db: | CNNVD | id: | CNNVD-202010-1169 | date: | 2020-11-05T00:00:00 |
| db: | NVD | id: | CVE-2020-3563 | date: | 2020-10-23T17:49:30.937 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-181688 | date: | 2020-10-21T00:00:00 |
| db: | VULMON | id: | CVE-2020-3563 | date: | 2020-10-21T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-012499 | date: | 2021-05-11T00:00:00 |
| db: | CNNVD | id: | CNNVD-202010-1169 | date: | 2020-10-21T00:00:00 |
| db: | NVD | id: | CVE-2020-3563 | date: | 2020-10-21T19:15:17.967 |