CVE-2020-3585Observable Discrepancy in Cisco Adaptive Security Appliance Software

CWE-203Observable Discrepancy4 documents4 sources
Severity
3.7LOWNVD
CNA5.3
EPSS
0.4%
top 41.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Cisco Adaptive Security Appliance SoftwareCisco Firepower Threat DefenseCisco Adaptive Security Appliance Software
Timeline
PublishedOct 21
Latest updateMay 24

Description

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper implementation of countermeasures against the Bleichenbacher attack for cipher suites that rely on RSA for key exchange. An attacker could exploit this vulnerability by sending crafted TLS messag

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages3 packages

NVDcisco/firepower_threat_defense6.5.06.5.0.5+2

Patches

Patch: tools.cisco.comPatch: tools.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-w7hv-422j-p88g: A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Fir2022-05-24
CVEList
Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability2020-10-21

📋Vendor Advisories

1
Cisco
Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability2020-10-21
CVE-2020-3585 — Observable Discrepancy in Cisco | cvebase