目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2020-3255— Cisco Firepower Threat Defense 资源管理错误漏洞

EPSS 1.31% · P80
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2020-3255の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
未加控制的资源消耗(资源穷尽)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco Firepower Threat Defense 资源管理错误漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco Firepower Threat Defense(FTD)是美国思科(Cisco)公司的一套提供下一代防火墙服务的统一软件。 Cisco FTD Software中的数据包处理功能存在资源管理错误漏洞,该漏洞源于低效的内存管理。远程攻击者可通过高频率发送IPv4或IPv6流量利用该漏洞造成拒绝服务。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
CiscoCisco Firepower Threat Defense Software n/a -

II. CVE-2020-3255の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2020-3255のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Cisco · 2020-05-06 · 35 CVEs total

CVE-2020-3298Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed
CVE-2020-3196Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS D
CVE-2020-3246Cisco Umbrella Carriage Return Line Feed Injection Vulnerability
CVE-2020-3253Cisco Firepower Threat Defense Software Shell Access Vulnerability
CVE-2020-3254Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gat
CVE-2020-3256Cisco Hosted Collaboration Mediation Fulfillment XML External Expansion Vulnerability
CVE-2020-3259Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Servi
CVE-2020-3283Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability
CVE-2020-3285Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability
CVE-2020-3195Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Pack
CVE-2020-3301Cisco Firepower Management Center Static Credential Vulnerabilities
CVE-2020-3302Cisco Firepower Management Center File Overwrite Vulnerability
CVE-2020-3303Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Den
CVE-2020-3305Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denia
CVE-2020-3306Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Deni
CVE-2020-3307Cisco Firepower Management Center Arbitrary Log File Write Vulnerability
CVE-2020-3308Cisco Firepower Threat Defense Software Signature Verification Bypass Vulnerability
CVE-2020-3315Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
CVE-2020-3178Cisco Content Security Management Appliance Open Redirect Vulnerabilities
CVE-2020-3179Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial o

Showing 20 of 35 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: Cisco Firepower Threat Defense Software
同じベンダー: Cisco
同じ弱点: CWE-400

V. CVE-2020-3255へのコメント

まだコメントはありません

コメントを残す