8.6
CVE-2020-3191
- EPSS 1.04%
- Published 06.05.2020 17:15:12
- Last modified 21.11.2024 05:30:30
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Firepower Threat Defense Version >= 6.2.3 < 6.2.3.16
Cisco ≫ Firepower Threat Defense Version >= 6.3.0 < 6.3.0.6
Cisco ≫ Firepower Threat Defense Version >= 6.4.0 < 6.4.0.6
Cisco ≫ Asa 5505 Firmware Version9.4(1)
Cisco ≫ Asa 5505 Firmware Version96.4(0.42)
Cisco ≫ Asa 5510 Firmware Version9.4(1)
Cisco ≫ Asa 5510 Firmware Version96.4(0.42)
Cisco ≫ Asa 5512-x Firmware Version9.4(1)
Cisco ≫ Asa 5512-x Firmware Version96.4(0.42)
Cisco ≫ Asa 5515-x Firmware Version9.4(1)
Cisco ≫ Asa 5515-x Firmware Version96.4(0.42)
Cisco ≫ Asa 5520 Firmware Version9.4(1)
Cisco ≫ Asa 5520 Firmware Version96.4(0.42)
Cisco ≫ Asa 5525-x Firmware Version9.4(1)
Cisco ≫ Asa 5525-x Firmware Version96.4(0.42)
Cisco ≫ Asa 5540 Firmware Version9.4(1)
Cisco ≫ Asa 5540 Firmware Version96.4(0.42)
Cisco ≫ Asa 5545-x Firmware Version9.4(1)
Cisco ≫ Asa 5545-x Firmware Version96.4(0.42)
Cisco ≫ Asa 5550 Firmware Version9.4(1)
Cisco ≫ Asa 5550 Firmware Version96.4(0.42)
Cisco ≫ Asa 5555-x Firmware Version9.4(1)
Cisco ≫ Asa 5555-x Firmware Version96.4(0.42)
Cisco ≫ Asa 5580 Firmware Version9.4(1)
Cisco ≫ Asa 5580 Firmware Version96.4(0.42)
Cisco ≫ Asa 5585-x Firmware Version9.4(1)
Cisco ≫ Asa 5585-x Firmware Version96.4(0.42)
Cisco ≫ Adaptive Security Appliance Software Version >= 9.6 < 9.6.4.36
Cisco ≫ Adaptive Security Appliance Software Version >= 9.8 < 9.8.4.12
Cisco ≫ Adaptive Security Appliance Software Version >= 9.9 < 9.9.2.66
Cisco ≫ Adaptive Security Appliance Software Version >= 9.10 < 9.10.1.37
Cisco ≫ Adaptive Security Appliance Software Version >= 9.12 < 9.12.2.9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.04% | 0.754 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.6 | 3.9 | 4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| psirt@cisco.com | 8.6 | 3.9 | 4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.