5.8

CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload.

Data is provided by the National Vulnerability Database (NVD)
CiscoFirepower Threat Defense Version >= 6.0.0 < 6.3.0.1
   CiscoCloud Services Router 1000v Version-
   CiscoIsrv Version-
   Cisco1100-4p Version-
   Cisco1100-8p Version-
   Cisco1101-4p Version-
   Cisco1109-2p Version-
   Cisco1109-4p Version-
   Cisco1111x-8p Version-
   Cisco4221 Integrated Services Router Version-
   Cisco4331 Integrated Services Router Version-
   Cisco4431 Integrated Services Router Version-
   Cisco4461 Integrated Services Router Version-
   CiscoIsa 3000 Version-
   CiscoMeraki Mx Version-
SnortSnort Version < 2.9.13.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.57% 0.678
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.8 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
psirt@cisco.com 5.8 3.9 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.