Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cisco Advisories for FTD, ASA, Firepower 1000

Published: 2020-05-19
Last Updated: 2020-05-19 14:25:26 UTC
by Rick Wanner (Version: 1)
0 comment(s)

Cisco has released a number of advisories for Firepower and Adaptive Security Appliance (ASA). 

Cisco Adaptive Security Appliance Software
CVE-2020-3259 - Web Services Information Disclosure Vulnerability – High 
-    An unauthenticated, remote, attacker can access memory and potentially confidential information.
CVE-2020-3298 - Malformed OSPF Packets Denial of Service Vulnerability – High
-    An unauthenticated, remote, attacker could cause a device to reload resulting in DOS
CVE-2020-3196SSL/TLS Denial of Service Vulnerability - High
-    Unauthenticated, remote attacker can exhaust memory resources leading to DOS
CVE-2020-3195OSPF Packet Processing Memory Leak Vulnerability – High
-    Unauthenticated, remote attacker can exhaust memory resources resulting in DOS

Firepower Threat Defense
CVE-2020-3259 - Web Services Information Disclosure Vulnerability – High 
-    An unauthenticated, remote attacker can access memory and potentially confidential information.
CVE-2020-3298 - Malformed OSPF Packets Denial of Service Vulnerability – High
-    An unauthenticated, remote, attacker could cause a device to reload resulting in DOS
CVE-2020-3255Packet Flood Denial of Service Vulnerability – High
-    An unauthenticated, remote attacker can cause a DOS on the device.
CVE-2020-3189VPN System Logging Denial of Service Vulnerability - High
-    Unauthenticated, remote attacker can cause memory leak resulting in device degradation or crash.
CVE-2020-3196SSL/TLS Denial of Service Vulnerability - High
-    Unauthenticated, remote attacker can exhaust memory resources leading to DOS
CVE-2020-3195OSPF Packet Processing Memory Leak Vulnerability – High
-    Unauthenticated, remote attacker can exhaust memory resources resulting in DOS

Firepower 1000
CVE-2020-3283SSL/TLS Denial of Service Vulnerability – High
-    Unauthenticated, remote attacker can cause buffer underrun resulting in DOS.

Althought Cisco rated all of these vulnerabilities the same, high, most of them require a patient, determined attacker and will result in a DOS condition.  The exception to this is CVE-2020-3259 which can result in a breach of sensitive information. Either way the solution is to upgrade to an unaffected version of the software.
 

 

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

Keywords: Cisco DOS
0 comment(s)
Diary Archives