CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
52.6%
A vulnerability exists in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Firepower Threat Defense (FTD) Software due to improper management of system memory. An unauthenticated, remote attacker can exploit this, by sending malicious IKEv1 traffic to an affected device, in order to cause a denial of service (DoS) condition.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#TRUSTED 26c46e57fc22d8a2544a9fc65e46ecbd15672ac0f8f993de94e6e0d689def1b7f8e12422496be1ddf2d8ff842c755566d22a650b89ea785f618e2464f13ff337875c1b9eb47e925567cda50c6a1942f8afcd227d7307f4d707b2106b9b94cdd114e95d668d388159692d6c27f03ad13df7b962056b4dd546bec980832b1a7a33a0121fd7a9b46c8cd5bdd9c471028e0e9724578d2a4b42609160b6c1bf33099224bfc3acd35dfae89a3f17026eb5ed7aece9647e5722779c076e319240112ac346bee043ae7a54ffa81942d3805832ff5fb5d1ba582364e47fd02dd07c2d417da7f1fb0c6375acf13ed78b409f54d7dd1fa57c1a48b1e9c4286dca75767a2a1b2a0abccfaf17d1bfde62c88f13c98c462f522f20465ebc3902ed5696c2c7d043b45f092386279dfa8c166837a037fb277e04963a495c61569b40d732fd9f491790082214b11281886dedb2c822889b7f6a165d2abda1c0830d5ab70c177de61160b1393715ecf8b01ea44661662870289dac58fc51dc5cf5f9ae2e36d11289dbab877bdeec69650d5b735f078b2f5be16a25fea436439208009ef9017830acc61f01169865f81a74cb5417ee945059b8c4aebdd61dadda1fea933ba23bf29f4402f11494b7b9801347b8770ceee8b41f60adc673d6933fa8c1c0f8486f05479333d09e69a032d82c3f630bba0151e3fec76a38170c3d129f45bbc53c99f0b4be
#TRUST-RSA-SHA256 0e79bf2a9fa9a574dc2a785cf9ac384672ea33d1bf1287b75f7ab5a1473873491ba8388f85395837cef9145880fe8b198bbd792e785e80a29f3b49a15d95a21bb7209ca5f6cc3a9652ee6aa97524334c060e019a59795f7b22de2d70b3322e52fbad2f79541bb5be285228d45ae5eb68b2f837f4aca01ed8b58ec291ffe485094b3fdc7e9073d257d4c00f0115a9ba7a819bd60996a5ee491b43a0aeba1c1b080fb35be2d7b7a56cd8fff727869ffd4776cc432a2fc35a8c2203fe26649b3c064f217d3165b363461e50d84281fa15d5b2aee0a3d379b9801e4b3d9ad0e0c463336544be200d5e2d1675892c95674d784b24febfecb60a59887774611541d75d846f68a6286d79d2ea6d03bb2738ff8755c2c32809bb6fb4bcf4f4abd49abbdb3cef2c646ecf50872ec3f445d07db0eee569732af4fc0f3f1ce555def3ecce832fcc3cd7307e2c8c650485fe7fa796843e8f4dfdb848bd5a28f5f7b766fad6d2970ae5de0dea2f8efdd568b0bd7077094274a0882e9560cc5002f4dd7a05b78619ee880451cd29b2796e9d645952f75f0bbc9018969e67301b397e4f505ea7861438300c6b20b39339340dadfbfdd26c953ff75dc5c6b0898cbbdb18b4ac073e2937ce9f56967d83ea9a21fbe89af6127168693048667a6d0528d3eecd5dd2313125b657935e9fe6bb191d5b5868707ad9ca961116e3c75cfe6fe882cb6aa13e
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(136589);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/31");
script_cve_id("CVE-2020-3303");
script_xref(name:"CISCO-BUG-ID", value:"CSCvq66080");
script_xref(name:"CISCO-SA", value:"cisco-sa-asa-dos-BqYFRJt9");
script_xref(name:"IAVA", value:"2020-A-0205-S");
script_name(english:"Cisco Firepower Threat Defense Software IKEv1 DoS (cisco-sa-asa-dos-BqYFRJt9)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"A vulnerability exists in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Firepower Threat Defense (FTD)
Software due to improper management of system memory. An unauthenticated, remote attacker can exploit this, by sending
malicious IKEv1 traffic to an affected device, in order to cause a denial of service (DoS) condition.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?24d5d1c3");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvq66080");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in the Cisco Security Advisory");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-3303");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/06");
script_set_attribute(attribute:"patch_publication_date", value:"2020/05/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/05/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:firepower_threat_defense");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl", "cisco_enumerate_firepower.nbin", "cisco_asa_firepower_version.nasl");
script_require_keys("installed_sw/Cisco Firepower Threat Defense");
exit(0);
}
include('cisco_workarounds.inc');
include('ccf.inc');
product_info = cisco::get_product_info(name:'Cisco Firepower Threat Defense');
vuln_ranges = [
{'min_ver' : '0.0', 'fix_ver': '6.3.0.5'},
{'min_ver' : '6.4.0', 'fix_ver': '6.4.0.6'}
];
workarounds = make_list(CISCO_WORKAROUNDS['no_workaround']);
reporting = make_array(
'port' , 0,
'severity' , SECURITY_HOLE,
'version' , product_info['version'],
'bug_id' , 'CSCvq66080',
'disable_caveat', TRUE
);
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
reporting:reporting,
vuln_ranges:vuln_ranges
);
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
52.6%