Main Vulnerability Database Vulnerabilities #VU27591

#VU27591 Improper access control in Cisco Firewall Threat Defense (FTD) - CVE-2020-3186

Published: May 7, 2020

Vulnerability identifier: #VU27591

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-3186

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Cisco Firewall Threat Defense (FTD)

Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to the configuration of different management access lists, with ports allowed in one access list and denied in another. A remote attacker can send specially crafted remote management traffic to the local IP address and bypass a configured management interface access list on an affected system.

Remediation

Install updates from vendor's website.

External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp

#VU27591 Improper access control in Cisco Firewall Threat Defense (FTD) - CVE-2020-3186

Description

Remediation

External links

Please verify you're human