#VU27583 Protection Mechanism Failure in Cisco Firewall Threat Defense (FTD) - CVE-2020-3285
Published: May 7, 2020
Vulnerability identifier: #VU27583
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2020-3285
CWE-ID: CWE-693
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco Firewall Threat Defense (FTD)
Cisco Firewall Threat Defense (FTD)
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to a logic error with Snort handling of the connection with the Transport Layer Security (version 1.3) policy and URL category configuration. A remote attacker can send a specially crafted TLS connections to an affected device, bypass the TLS policy and access URLs that are outside the affected device and normally would be dropped.
Remediation
Vendor recommends to update the Cisco FTD Software Release to version 6.4.0.9, scheduled for May 2020.