#VU27583 Protection Mechanism Failure in Cisco Firewall Threat Defense (FTD) - CVE-2020-3285
Published: May 7, 2020
Cisco Firewall Threat Defense (FTD)
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to a logic error in how Snort handles connections when a Transport Layer Security (TLS) version 1.3 policy and URL category configuration are in use. A remote attacker can send specially crafted TLS connections to an affected device, bypass the TLS policy and access URLs that are outside the affected device and would normally be dropped.