{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3920B277-4643-4601-A4C8-05C0C3D76C42", "versionEndExcluding": "6.3.0.5", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654", "versionEndExcluding": "6.4.0.6", "versionStartIncluding": "6.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "A83DD80F-BA91-4963-9BCB-86E29CDBCD40", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "E1D26B17-4BC0-4182-AA15-E27B2B0A615C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*", "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0124350A-B946-4E2E-9022-91F36283FD1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "EAF3961E-8EEB-4D78-9C94-41BD0B1B32CC", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "445B2018-0C36-4548-AA11-5FCD114957B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "C38F1054-D223-492A-8901-6B20749CAFD9", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "296C12B8-B49C-4D54-802C-B839973598E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "077243B8-4103-42B4-874C-002BB8A81AE8", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "C7DFA877-2983-49DC-9C51-1C8BC9E3C0B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "794CD31C-C1A4-4DE4-BDFE-CBA172398128", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "925F2CEC-99EA-40AF-827C-A002900041B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "8337D8B3-E834-4E7B-9AEE-B8D181A8FC53", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "8A2E5A45-7AA9-43F1-A937-7EA588CA306D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "72446CAD-9796-4A80-8C06-621FAA7E11CE", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "18F1F84D-1BDC-4C83-9AFD-8D6A7C4ECBF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "3AA879CD-AEDD-4A2F-9CA9-F1C9D034091F", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "670A91E8-730B-4201-9CAA-5B0436EDDAF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "6886B720-975C-48CE-900F-6F3883D55BC0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "9C3147FE-8A2B-4147-903B-1ED59C020B70", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "7CE8F42A-8F42-4DA4-864E-CD3F59727C3F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "9E83C904-A31F-4883-9967-675C1C850BA1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "7517C43B-86AC-4653-AC0B-9FE689CF973F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.9\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "B98477E0-C039-454A-A1BE-7423E0E467A6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:101.5\\(1.26\\):*:*:*:*:*:*:*", "matchCriteriaId": "F28286B4-95DC-4197-B868-107660CFAFBF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad de descapsulaci\u00f3n de t\u00fanel generic routing encapsulation (GRE) del Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre un dispositivo afectado. La vulnerabilidad es debido a un error de manejo de la memoria cuando es procesada la GRE sobre el tr\u00e1fico IPv6. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes GRE sobre IPv6 dise\u00f1ados con carga \u00fatil de IPv4 o IPv6 a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que el dispositivo se bloquee, resultando en una condici\u00f3n DoS."}], "id": "CVE-2020-3179", "lastModified": "2020-05-12T19:11:56.917", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-06T17:15:11.917", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-415"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}