Lucene search

[email protected]CVE-2020-3179

HistoryMay 06, 2020 - 5:15 p.m.

CVE-2020-3179

2020-05-0617:15:00

CWE-415

[email protected]

web.nvd.nist.gov

cve-2020-3179

cisco

ftd software

vulnerability

remote attacker

dos

gre

ipv6

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

51.8%

JSON

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.

CPENameOperatorVersion
cisco:firepower_threat_defensecisco firepower threat defenselt6.4.0.6
cisco:firepower_threat_defensecisco firepower threat defenselt6.3.0.5
cisco:asa_5505_firmwarecisco asa 5505 firmwareeq9.9\(2\)
cisco:asa_5505_firmwarecisco asa 5505 firmwareeq101.5\(1.26\)
cisco:asa_5510_firmwarecisco asa 5510 firmwareeq9.9\(2\)
cisco:asa_5510_firmwarecisco asa 5510 firmwareeq101.5\(1.26\)
cisco:asa_5512-x_firmwarecisco asa 5512-x firmwareeq9.9\(2\)
cisco:asa_5512-x_firmwarecisco asa 5512-x firmwareeq101.5\(1.26\)
cisco:asa_5515-x_firmwarecisco asa 5515-x firmwareeq9.9\(2\)
cisco:asa_5515-x_firmwarecisco asa 5515-x firmwareeq101.5\(1.26\)

CPE	Name	Operator	Version
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.4.0.6
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.3.0.5
cisco:asa_5505_firmware	cisco asa 5505 firmware	eq	9.9\(2\)
cisco:asa_5505_firmware	cisco asa 5505 firmware	eq	101.5\(1.26\)
cisco:asa_5510_firmware	cisco asa 5510 firmware	eq	9.9\(2\)
cisco:asa_5510_firmware	cisco asa 5510 firmware	eq	101.5\(1.26\)
cisco:asa_5512-x_firmware	cisco asa 5512-x firmware	eq	9.9\(2\)
cisco:asa_5512-x_firmware	cisco asa 5512-x firmware	eq	101.5\(1.26\)
cisco:asa_5515-x_firmware	cisco asa 5515-x firmware	eq	9.9\(2\)
cisco:asa_5515-x_firmware	cisco asa 5515-x firmware	eq	101.5\(1.26\)

Rows per page:

1-10 of 261

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for CVE-2020-3179

cisco1 prion1 nessus1 threatpost1