CVE-2020-3188 (CNNVD-202005-203)

MEDIUM
中文标题:
Cisco Firepower Threat Defense 资源管理错误漏洞
英文标题:
Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability
CVSS分数: 5.3
发布时间: 2020-05-06 16:41:06
漏洞类型: 资源管理错误
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD 6.4.0.9之前版本和6.5.0.5之前版本中会话超时(用于管理连接)的处理方法存在资源管理错误漏洞。攻击者可通过向受影响的设备持续发送大量特制远程管理连接利用该漏洞导致远程管理界面或Cisco Firepower Threat Defense停止响应,并使其他管理功能脱机,从而导致拒绝服务。

英文描述:

A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only.

CWE类型:
CWE-399 CWE-613
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
Cisco Cisco Firepower Threat Defense Software n/a - - cpe:2.3:a:cisco:cisco_firepower_threat_defense_software:n_a:*:*:*:*:*:*:*
cisco firepower_threat_defense * - - cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cisco asa_5505_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5505_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5505_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5505_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5510_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5510_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5510_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5510_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5512-x_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5512-x_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5512-x_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5512-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5515-x_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5515-x_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5515-x_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5515-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5520_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5520_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5520_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5520_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5525-x_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5525-x_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5525-x_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5525-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5540_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5540_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5540_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5540_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5545-x_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5545-x_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5545-x_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5545-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5550_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5550_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5550_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5550_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5555-x_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5555-x_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5555-x_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5555-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5580_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5580_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5580_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5580_firmware:101.6\(1.96\):*:*:*:*:*:*:*
cisco asa_5585-x_firmware 9.8\(3\) - - cpe:2.3:o:cisco:asa_5585-x_firmware:9.8\(3\):*:*:*:*:*:*:*
cisco asa_5585-x_firmware 101.6\(1.96\) - - cpe:2.3:o:cisco:asa_5585-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
20200506 Cisco Firepower Threat Defense Software Management Interface Denial of Service Vulnerability vendor-advisory
cve.org
访问
CVSS评分详情
3.0 (cna)
MEDIUM
5.3
CVSS向量: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
机密性
NONE
完整性
NONE
可用性
LOW
时间信息
发布时间:
2020-05-06 16:41:06
修改时间:
2024-11-15 17:25:40
创建时间:
2025-11-11 15:36:18
更新时间:
2025-11-11 15:56:07
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2020-3188 2025-11-11 15:20:36 2025-11-11 07:36:18
NVD nvd_CVE-2020-3188 2025-11-11 14:56:58 2025-11-11 07:44:43
CNNVD cnnvd_CNNVD-202005-203 2025-11-11 15:10:25 2025-11-11 07:56:07
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:56:07
vulnerability_type: 未提取 → 资源管理错误; cnnvd_id: 未提取 → CNNVD-202005-203; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 资源管理错误
  • cnnvd_id: 未提取 -> CNNVD-202005-203
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:44:43
affected_products_count: 1 → 26; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • affected_products_count: 1 -> 26
  • data_sources: ['cve'] -> ['cve', 'nvd']