CVE-2020-3577 — Improper Input Validation in Cisco Firepower Threat Defense

CWE-20 — Improper Input Validation4 documents4 sources

Severity

7.4HIGHNVD

EPSS

0.1%

top 72.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense Cisco Firepower Threat Defense Software

Timeline

PublishedOct 21

Latest updateMay 24

Description

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation when Ethernet frames are processed. An attacker could exploit this vulnerability by sending malicious Ethernet frames through an affected device. A successful exploit could …

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 2.8 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5cisco/cisco_firepower_threat_defense_softwaren/a

▶NVDcisco/firepower_threat_defense6.4.0 — 6.4.0.10+3

🔴Vulnerability Details

GHSA

GHSA-wf6m-95w9-cc47: A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as In↗2022-05-24

▶

CVEList

Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability↗2020-10-21

▶

📋Vendor Advisories

Cisco

Cisco Firepower Threat Defense Software Inline Pair/Passive Mode Denial of Service Vulnerability↗2020-10-21

▶