#VU27588 Resource exhaustion in Cisco Firewall Threat Defense (FTD) - CVE-2020-3189

 


Published: May 7, 2020


Vulnerability identifier: #VU27588
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-3189
CWE-ID: CWE-400
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software:
Cisco Firewall Threat Defense (FTD)
Software vendor:
Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists because the application does not properly control consumption of internal resources in the VPN System Logging functionality. A remote attacker can create or delete a VPN tunnel connection, which could leak a small amount of system memory for each logging event, trigger resource exhaustion and cause a denial of service (DoS) condition.


Remediation

The vendor recommends updating Cisco FTD Software to release 6.2.3.16 (June 2020), 6.3.0.6 (future release), 6.4.0.9 (May 2020), or 6.5.0.5 (future release).
