CVE-2020-3255 — Vulnetix

CVE-2020-3255 PUBLISHED CVSS 7.5 HIGH

De multiples vulnérabilités ont été découvertes dans les produits Cisco Adaptive Security Appliance et Firepower Threat Defense. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

EPSS 1.31% · 80.2th percentile

Risk Scores

CVSS 3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

1.31%

80.2th percentile

Affected Products

Vendor	Product	Versions
cisco	asa_5540_firmware	9.10\(1.3\)
cisco	asa_5512-x_firmware	*
cisco	asa_5585-x_firmware	9.10\(1.3\)
Cisco	Firepower Threat Defense
cisco	asa_5545-x_firmware	*
cisco	asa_5510_firmware	9.10\(1.3\)
cisco	asa_5555-x_firmware	9.10\(1.3\)
cisco	asa_5505_firmware	9.10\(1.3\)
cisco	firepower_threat_defense	6.3.0, 6.2.3, 6.4.0
cisco	asa_5580_firmware	*
cisco	asa_5550_firmware	9.10\(1.3\)
Cisco	Adaptive Security Appliance
cisco	asa_5525-x_firmware	9.10\(1.3\)
cisco	asa_5520_firmware	9.10\(1.3\)
Cisco	Cisco Firepower Threat Defense Software	n/a
cisco	asa_5515-x_firmware	*

Exploit Intelligence

20200506 Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability (circl)

Timeline

May 6, 2020 CVE Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 28, 2022 EPSS Score
May 1, 2022 EPSS Score
Jul 3, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Nov 6, 2022 EPSS Score

References

Open in Interactive Console →