8.6
CVE-2020-3196
- EPSS 1.86%
- Veröffentlicht 06.05.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 05:30:31
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust memory resources on the affected device, leading to a denial of service (DoS) condition. The vulnerability is due to improper resource management for inbound SSL/TLS connections. An attacker could exploit this vulnerability by establishing multiple SSL/TLS connections with specific conditions to the affected device. A successful exploit could allow the attacker to exhaust the memory on the affected device, causing the device to stop accepting new SSL/TLS connections and resulting in a DoS condition for services on the device that process SSL/TLS traffic. Manual intervention is required to recover an affected device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Firepower Threat Defense Version >= 6.2.3 < 6.2.3.16
Cisco ≫ Firepower Threat Defense Version >= 6.3.0 < 6.3.0.6
Cisco ≫ Firepower Threat Defense Version >= 6.4.0 < 6.4.0.9
Cisco ≫ Firepower Threat Defense Version >= 6.5.0 < 6.5.0.5
Cisco ≫ Asa 5505 Firmware Version9.4(4)
Cisco ≫ Asa 5505 Firmware Version9.8(4.18)
Cisco ≫ Asa 5505 Firmware Version100.13(0)
Cisco ≫ Asa 5510 Firmware Version9.4(4)
Cisco ≫ Asa 5510 Firmware Version9.8(4.18)
Cisco ≫ Asa 5510 Firmware Version100.13(0)
Cisco ≫ Asa 5512-x Firmware Version9.4(4)
Cisco ≫ Asa 5512-x Firmware Version9.8(4.18)
Cisco ≫ Asa 5512-x Firmware Version100.13(0)
Cisco ≫ Asa 5515-x Firmware Version9.4(4)
Cisco ≫ Asa 5515-x Firmware Version9.8(4.18)
Cisco ≫ Asa 5515-x Firmware Version100.13(0)
Cisco ≫ Asa 5520 Firmware Version9.4(4)
Cisco ≫ Asa 5520 Firmware Version9.8(4.18)
Cisco ≫ Asa 5520 Firmware Version100.13(0)
Cisco ≫ Asa 5525-x Firmware Version9.4(4)
Cisco ≫ Asa 5525-x Firmware Version9.8(4.18)
Cisco ≫ Asa 5525-x Firmware Version100.13(0)
Cisco ≫ Asa 5540 Firmware Version9.4(4)
Cisco ≫ Asa 5540 Firmware Version9.8(4.18)
Cisco ≫ Asa 5540 Firmware Version100.13(0)
Cisco ≫ Asa 5545-x Firmware Version9.4(4)
Cisco ≫ Asa 5545-x Firmware Version9.8(4.18)
Cisco ≫ Asa 5545-x Firmware Version100.13(0)
Cisco ≫ Asa 5550 Firmware Version9.4(4)
Cisco ≫ Asa 5550 Firmware Version9.8(4.18)
Cisco ≫ Asa 5550 Firmware Version100.13(0)
Cisco ≫ Asa 5555-x Firmware Version9.4(4)
Cisco ≫ Asa 5555-x Firmware Version9.8(4.18)
Cisco ≫ Asa 5555-x Firmware Version100.13(0)
Cisco ≫ Asa 5580 Firmware Version9.4(4)
Cisco ≫ Asa 5580 Firmware Version9.8(4.18)
Cisco ≫ Asa 5580 Firmware Version100.13(0)
Cisco ≫ Asa 5585-x Firmware Version9.4(4)
Cisco ≫ Asa 5585-x Firmware Version9.8(4.18)
Cisco ≫ Asa 5585-x Firmware Version100.13(0)
Cisco ≫ Adaptive Security Appliance Software Version >= 9.6 < 9.6.4.40
Cisco ≫ Adaptive Security Appliance Software Version >= 9.8 < 9.8.4.20
Cisco ≫ Adaptive Security Appliance Software Version >= 9.9 < 9.9.2.66
Cisco ≫ Adaptive Security Appliance Software Version >= 9.10 < 9.10.1.37
Cisco ≫ Adaptive Security Appliance Software Version >= 9.12 < 9.12.3.2
Cisco ≫ Adaptive Security Appliance Software Version >= 9.13 < 9.13.1.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.86% | 0.814 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.6 | 3.9 | 4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| psirt@cisco.com | 8.6 | 3.9 | 4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.