CVE-2020-3255

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:cisco:asa_5505_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:cisco:asa_5510_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:cisco:asa_5512-x_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:cisco:asa_5515-x_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:cisco:asa_5520_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:cisco:asa_5525-x_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:cisco:asa_5540_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:cisco:asa_5545-x_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:cisco:asa_5550_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:cisco:asa_5555-x_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:cisco:asa_5580_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:cisco:asa_5585-x_firmware:9.10\(1.3\):*:*:*:*:*:*:*
cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:30

Type Values Removed Values Added
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR - Vendor Advisory

Information

Published : 2020-05-06 17:15

Updated : 2024-11-21 05:30


NVD link : CVE-2020-3255

Mitre link : CVE-2020-3255

CVE.ORG link : CVE-2020-3255


JSON object : View

Products Affected

cisco

  • asa_5555-x
  • asa_5525-x
  • asa_5585-x
  • asa_5505_firmware
  • asa_5550
  • asa_5545-x
  • asa_5585-x_firmware
  • asa_5580
  • asa_5540
  • firepower_threat_defense
  • asa_5505
  • asa_5525-x_firmware
  • asa_5555-x_firmware
  • asa_5512-x
  • asa_5515-x
  • asa_5550_firmware
  • asa_5515-x_firmware
  • asa_5510
  • asa_5510_firmware
  • asa_5580_firmware
  • asa_5520
  • asa_5545-x_firmware
  • asa_5512-x_firmware
  • asa_5520_firmware
  • asa_5540_firmware
CWE
CWE-400

Uncontrolled Resource Consumption