Main Vulnerability Database SB2020051141

SB2020051141 - Denial of service in Cisco Firepower Threat Defense

Published: May 11, 2020

Security Bulletin ID SB2020051141

Severity

High

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Buffer overflow (CVE-ID: CVE-2020-3283)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a communication error between internal functions in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler. A remote attacker can send a specially crafted SSL/TLS message, trigger memory corruption and cause a denial of service condition on the target system.

Note: This vulnerability affects Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ