Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.1
CVSSv2

CVE-2020-3562

Published: 21/10/2020 Updated: 23/10/2020
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9
VMScore: 632
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Vulnerability Summary

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages. An attacker could exploit this vulnerability by sending a malformed SSL/TLS message through an affected device. A successful exploit could allow the malicious user to cause the affected device to reload, resulting in a DoS condition. No manual intervention is needed to recover the device after it has reloaded.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco firepower threat defense 6.3.0

cisco firepower threat defense 6.4.0

cisco firepower threat defense 6.5.0

Vendor Advisories

Cisco: Cisco Firepower 2100 Series SSL/TLS Inspection Denial of Service Vulnerability
A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device The vulnerability is due to improper input validation for certain fields of specific SSL/TLS messages ...

References

CWE-119https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yyhttps://nvd.nist.govhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-dcrpt-dos-RYEkX4yy
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-6267XML injectionCVE-2024-37673CVE-2024-6266CVE-2024-30078arbitrary CVE-2024-36886CVE-2024-5346template injection
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook