ID

VAR-202010-1046


CVE

CVE-2020-3563


TITLE

Cisco Firepower Threat Defense  Resource depletion vulnerability in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-012499

DESCRIPTION

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a large number of TCP packets to a specific port on an affected device. A successful exploit could allow the attacker to exhaust system memory, which could cause the device to reload unexpectedly. No manual intervention is needed to recover the device after it has reloaded

Trust: 1.8

sources: NVD: CVE-2020-3563 // JVNDB: JVNDB-2020-012499 // VULHUB: VHN-181688 // VULMON: CVE-2020-3563

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:ltversion:6.5.0.5

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.3.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.10

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.3.0.6

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.4.0

Trust: 1.0

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope:eqversion:cisco firepower threat defense software

Trust: 0.8

sources: JVNDB: JVNDB-2020-012499 // NVD: CVE-2020-3563

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-3563
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2020-3563
value: HIGH

Trust: 1.0

NVD: CVE-2020-3563
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202010-1169
value: HIGH

Trust: 0.6

VULHUB: VHN-181688
value: HIGH

Trust: 0.1

VULMON: CVE-2020-3563
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-3563
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-181688
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

ykramarz@cisco.com: CVE-2020-3563
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2020-3563
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-181688 // VULMON: CVE-2020-3563 // JVNDB: JVNDB-2020-012499 // CNNVD: CNNVD-202010-1169 // NVD: CVE-2020-3563 // NVD: CVE-2020-3563

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.1

problemtype:Resource exhaustion (CWE-400) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-181688 // JVNDB: JVNDB-2020-012499 // NVD: CVE-2020-3563

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202010-1169

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202010-1169

PATCH

title:cisco-sa-ftd-tcp-dos-GDcZDqAfurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tcp-dos-GDcZDqAf

Trust: 0.8

sources: JVNDB: JVNDB-2020-012499

EXTERNAL IDS

db:NVDid:CVE-2020-3563

Trust: 2.6

db:JVNDBid:JVNDB-2020-012499

Trust: 0.8

db:CNNVDid:CNNVD-202010-1169

Trust: 0.7

db:NSFOCUSid:50194

Trust: 0.6

db:AUSCERTid:ESB-2020.3634

Trust: 0.6

db:VULHUBid:VHN-181688

Trust: 0.1

db:VULMONid:CVE-2020-3563

Trust: 0.1

sources: VULHUB: VHN-181688 // VULMON: CVE-2020-3563 // JVNDB: JVNDB-2020-012499 // CNNVD: CNNVD-202010-1169 // NVD: CVE-2020-3563

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-ftd-tcp-dos-gdczdqaf

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-3563

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2020.3634/

Trust: 0.6

url:http://www.nsfocus.net/vulndb/50194

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/400.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-181688 // VULMON: CVE-2020-3563 // JVNDB: JVNDB-2020-012499 // CNNVD: CNNVD-202010-1169 // NVD: CVE-2020-3563

SOURCES

db:VULHUBid:VHN-181688
db:VULMONid:CVE-2020-3563
db:JVNDBid:JVNDB-2020-012499
db:CNNVDid:CNNVD-202010-1169
db:NVDid:CVE-2020-3563

LAST UPDATE DATE

2024-08-14T14:18:45.286000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-181688date:2020-10-23T00:00:00
db:VULMONid:CVE-2020-3563date:2020-10-23T00:00:00
db:JVNDBid:JVNDB-2020-012499date:2021-05-11T06:16:00
db:CNNVDid:CNNVD-202010-1169date:2020-11-05T00:00:00
db:NVDid:CVE-2020-3563date:2020-10-23T17:49:30.937

SOURCES RELEASE DATE

db:VULHUBid:VHN-181688date:2020-10-21T00:00:00
db:VULMONid:CVE-2020-3563date:2020-10-21T00:00:00
db:JVNDBid:JVNDB-2020-012499date:2021-05-11T00:00:00
db:CNNVDid:CNNVD-202010-1169date:2020-10-21T00:00:00
db:NVDid:CVE-2020-3563date:2020-10-21T19:15:17.967