CVE-2020-3585

EPSS 0.37%
Veröffentlicht 21.10.2020 19:15:18
Zuletzt bearbeitet 21.11.2024 05:31:21
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack. A successful exploit could allow the attacker to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions to the affected device. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture TLS traffic that is in transit between clients and the affected device Actively establish a considerable number of TLS connections to the affected device

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Firepower Threat Defense Version < 6.4.0.10

   Cisco ≫ Firepower 1000 Version-
   Cisco ≫ Firepower 1010 Version-
   Cisco ≫ Firepower 1120 Version-
   Cisco ≫ Firepower 1140 Version-
   Cisco ≫ Firepower 1150 Version-

Cisco ≫ Firepower Threat Defense Version >= 6.5.0 < 6.5.0.5

   Cisco ≫ Firepower 1000 Version-
   Cisco ≫ Firepower 1010 Version-
   Cisco ≫ Firepower 1120 Version-
   Cisco ≫ Firepower 1140 Version-
   Cisco ≫ Firepower 1150 Version-

Cisco ≫ Firepower Threat Defense Version >= 6.6.0 < 6.6.1

   Cisco ≫ Firepower 1000 Version-
   Cisco ≫ Firepower 1010 Version-
   Cisco ≫ Firepower 1120 Version-
   Cisco ≫ Firepower 1140 Version-
   Cisco ≫ Firepower 1150 Version-

Cisco ≫ Adaptive Security Appliance Software Version < 9.13.1.13

   Cisco ≫ Firepower 1000 Version-
   Cisco ≫ Firepower 1010 Version-
   Cisco ≫ Firepower 1120 Version-
   Cisco ≫ Firepower 1140 Version-
   Cisco ≫ Firepower 1150 Version-

Cisco ≫ Adaptive Security Appliance Software Version >= 9.14 < 9.14.1.30

   Cisco ≫ Firepower 1000 Version-
   Cisco ≫ Firepower 1010 Version-
   Cisco ≫ Firepower 1120 Version-
   Cisco ≫ Firepower 1140 Version-
   Cisco ≫ Firepower 1150 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.37%	0.577

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.7	2.2	1.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N
psirt@cisco.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-tls-bb-2g9uWkP

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-3585

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-3585

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-3585

EUVD