Cisco Advisories for FTD, ASA, Firepower 1000, (Tue, May 19th)

This post was originally published on this site

Cisco has released a number of advisories for Firepower and Adaptive Security Appliance (ASA). 

Cisco Adaptive Security Appliance Software
CVE-2020-3259Web Services Information Disclosure Vulnerability – High 
–    An unauthenticated, remote, attacker can access memory and potentially confidential information.
CVE-2020-3298Malformed OSPF Packets Denial of Service Vulnerability – High
–    An unauthenticated, remote, attacker could cause a device to reload resulting in DOS
CVE-2020-3196SSL/TLS Denial of Service Vulnerability – High
–    Unauthenticated, remote attacker can exhaust memory resources leading to DOS
CVE-2020-3195OSPF Packet Processing Memory Leak Vulnerability – High
–    Unauthenticated, remote attacker can exhaust memory resources resulting in DOS

Firepower Threat Defense
CVE-2020-3259Web Services Information Disclosure Vulnerability – High 
–    An unauthenticated, remote attacker can access memory and potentially confidential information.
CVE-2020-3298Malformed OSPF Packets Denial of Service Vulnerability – High
–    An unauthenticated, remote, attacker could cause a device to reload resulting in DOS
CVE-2020-3255Packet Flood Denial of Service Vulnerability – High
–    An unauthenticated, remote attacker can cause a DOS on the device.
CVE-2020-3189VPN System Logging Denial of Service Vulnerability – High
–    Unauthenticated, remote attacker can cause memory leak resulting in device degradation or crash.
CVE-2020-3196SSL/TLS Denial of Service Vulnerability – High
–    Unauthenticated, remote attacker can exhaust memory resources leading to DOS
CVE-2020-3195OSPF Packet Processing Memory Leak Vulnerability – High
–    Unauthenticated, remote attacker can exhaust memory resources resulting in DOS

Firepower 1000
CVE-2020-3283SSL/TLS Denial of Service Vulnerability – High
–    Unauthenticated, remote attacker can cause buffer underrun resulting in DOS.

Althought Cisco rated all of these vulnerabilities the same, high, most of them require a patient, determined attacker and will result in a DOS condition.  The exception to this is CVE-2020-3259 which can result in a breach of sensitive information. Either way the solution is to upgrade to an unaffected version of the software.
 

 

— Rick Wanner MSISE – rwanner at isc dot sans dot edu – http://namedeplume.blogspot.com/ – Twitter:namedeplume (Protected)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.