CVE-2020-3315

EPSS 0.22%
Published 06.05.2020 17:15:13
Last modified 26.11.2024 16:09:02
Source psirt@cisco.com
Teams watchlist Login
Open Login

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

Affected products Warnungen 0 Metrics 4 CWE 2 References 6

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Firepower Threat Defense Version < 6.6.0

Cisco ≫ Secure Firewall Management Center Version2.9.14.4

Cisco ≫ Secure Firewall Management Center Version2.9.15

Cisco ≫ Secure Firewall Management Center Version2.9.16

Cisco ≫ Ios Version15.2(7)e

Cisco ≫ Ios Version16.11.2

Cisco ≫ Ios Version17.3.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.411

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
psirt@cisco.com	5.8	3.9	1.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-668 Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP

Vendor Advisory

https://www.debian.org/security/2023/dsa-5354

https://nvd.nist.gov/vuln/detail/CVE-2020-3315

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-3315

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-3315

EUVD