{"containers": {"cna": {"affected": [{"product": "Cisco Adaptive Security Appliance (ASA) Software", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-05-06T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-05-06T16:41:16", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"}], "source": {"advisory": "cisco-sa-asaftd-ipv6-67pA658k", "defect": [["CSCvr07419"]], "discovery": "INTERNAL"}, "title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-05-06T16:00:00-0700", "ID": "CVE-2020-3191", "STATE": "PUBLIC", "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Adaptive Security Appliance (ASA) Software", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"}]}, "source": {"advisory": "cisco-sa-asaftd-ipv6-67pA658k", "defect": [["CSCvr07419"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:24:00.910Z"}, "title": "CVE Program Container", "references": [{"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-15T16:21:41.163420Z", "id": "CVE-2020-3191", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T17:25:21.757Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3191", "datePublished": "2020-05-06T16:41:16.093868Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-15T17:25:21.757Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k", "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:24:00.910Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2020-3191", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-15T16:21:41.163420Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-15T16:22:20.408Z"}}], "cna": {"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "source": {"defect": [["CSCvr07419"]], "advisory": "cisco-sa-asaftd-ipv6-67pA658k", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Adaptive Security Appliance (ASA) Software", "versions": [{"status": "affected", "version": "n/a"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2020-05-06T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k", "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2020-05-06T16:41:16"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCvr07419"]], "advisory": "cisco-sa-asaftd-ipv6-67pA658k", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "Cisco Adaptive Security Appliance (ASA) Software"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k", "name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "refsource": "CISCO"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-3191", "STATE": "PUBLIC", "TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-05-06T16:00:00-0700"}}}}, "cveMetadata": {"cveId": "CVE-2020-3191", "state": "PUBLISHED", "dateUpdated": "2024-11-15T17:25:21.757Z", "dateReserved": "2019-12-12T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2020-05-06T16:41:16.093868Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4B2E5D3-ED34-4A7E-BD8F-8492B6737677", "versionEndExcluding": "6.2.3.16", "versionStartIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2", "versionEndExcluding": "6.3.0.6", "versionStartIncluding": "6.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654", "versionEndExcluding": "6.4.0.6", "versionStartIncluding": "6.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "4151DD11-8D9E-4B30-9762-62A7C8900AF1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "9D19BFA6-5642-423A-BC3E-CEBACD06F3F9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "365F7DD4-29F7-4DBB-B86E-2E0CBFF31407", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "C11F9B11-9B16-492F-9142-AC0D920F1E19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*", "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "058F618F-81C5-473D-81E1-7F52ED122391", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "87A60AD4-7E61-4538-B0BC-DE08810C4819", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "723FCCD5-BBB7-4EFC-BC10-7DF675B35469", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "D4DDC3BE-ABCF-4E30-B5C8-2C6C8FD87FCB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "1CD21786-2506-4E5B-94D0-A4ADBEB8AA50", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "2B2F410E-05C8-48C0-81FD-3E4B30AC6AE8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C027842-9992-4E73-A5B4-EFC4B9AA8EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "12DF8456-3785-44EA-868F-659AED7A6052", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "FD48789B-881D-4223-9E22-1CEEB3F9D8C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "41B1AA35-0D67-431A-8A08-D1A094BEA00C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5113A511-B85E-432B-B602-D8DBF8801113", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "B307A668-401B-452F-83D3-DC4122571357", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "3A0E63B4-C2F4-43C9-8F0E-BCD484BCFAE0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "A5EF6675-0D00-48D5-BD2E-FC3AA0A2C064", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5B0A4AC7-B0D9-485F-8F55-B74264238E6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "09A7B7E5-E0EA-48CE-9A18-2BA590C85B7C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "EF631E5F-998A-4AA7-89CF-954B58899DDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "919DBFD7-D5F9-41C8-B777-DC949D245CC4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:9.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "85936D50-13C2-4D1D-9987-2BE8DA7E2DA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:96.4\\(0.42\\):*:*:*:*:*:*:*", "matchCriteriaId": "CCAC6D10-D0F7-48C8-BC2F-A22F3CBF9B8A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D5374-F120-4540-B9D8-6A69D4E99CDD", "versionEndExcluding": "9.6.4.36", "versionStartIncluding": "9.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "C74FF4EA-4CF7-4477-882F-8F0EABBE47A4", "versionEndExcluding": "9.8.4.12", "versionStartIncluding": "9.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "CEE81D32-51D0-41F7-B06B-0750DCB1F589", "versionEndExcluding": "9.9.2.66", "versionStartIncluding": "9.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "49FFDB02-2944-4B31-BBC0-30E60BA9F9D1", "versionEndExcluding": "9.10.1.37", "versionStartIncluding": "9.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385", "versionEndExcluding": "9.12.2.9", "versionStartIncluding": "9.12", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only."}, {"lang": "es", "value": "Una vulnerabilidad en el procesamiento de paquetes DNS sobre IPv6 para el Cisco Adaptive Security Appliance (ASA) Software y el Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar que el dispositivo se sobrecargue inesperadamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de la longitud de un campo en un paquete DNS IPv6. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una consulta DNS sobre IPv6 dise\u00f1ada, que atraviesa el dispositivo afectado. Una explotaci\u00f3n podr\u00eda permitir al atacante causar que el dispositivo se sobrecargue, resultando en una condici\u00f3n DoS. Esta vulnerabilidad es espec\u00edfica solo de DNS sobre el tr\u00e1fico IPv6."}], "id": "CVE-2020-3191", "lastModified": "2024-11-21T05:30:30.980", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-06T17:15:12.290", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}