CVE-2020-3565 — Improper Access Control in Cisco Firepower Threat Defense

CWE-284 — Improper Access Control CWE-287 — Improper Authentication4 documents4 sources

Severity

5.8MEDIUMNVD

EPSS

0.2%

top 57.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense Cisco Firepower Threat Defense Software

Timeline

PublishedOct 21

Latest updateMay 24

Description

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system. The vulnerability exists because TCP Intercept is invoked when the embryonic connection limit is reached, which can cause the underlying detection engine to process the packet incorrectly. An attacker could exploit this vulnerability by sen…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_threat_defense_softwaren/a

▶NVDcisco/firepower_threat_defense6.5.0 — 6.5.0.4+2

🔴Vulnerability Details

GHSA

GHSA-6m36-86vp-x4xx: A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to↗2022-05-24

▶

CVEList

Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability↗2020-10-21

▶

📋Vendor Advisories

Cisco

Cisco Firepower Threat Defense Software TCP Intercept Bypass Vulnerability↗2020-10-21

▶