| Vulnerability Name: | CVE-2020-3499 (CCN-190325) | ||||||||||||
| Assigned: | 2019-12-12 | ||||||||||||
| Published: | 2020-10-21 | ||||||||||||
| Updated: | 2022-10-29 | ||||||||||||
| Summary: | A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system. An attacker could exploit this vulnerability by sending malicious requests to the targeted system. A successful exploit could allow the attacker to cause the affected system to become unresponsive, resulting in a DoS condition and preventing the management of dependent devices. | ||||||||||||
| CVSS v3 Severity: | 8.6 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) 7.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C)
7.5 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||||||
| Vulnerability Type: | CWE-400 | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-3499 Source: XF Type: UNKNOWN cisco-cve20203499-dos(190325) Source: CCN Type: Cisco Security Advisory cisco-sa-ftdfmc-dos-NjYvDcLA Cisco Firepower Management Center Software Denial of Service Vulnerability Source: CISCO Type: Vendor Advisory 20201021 Cisco Firepower Management Center Software Denial of Service Vulnerability | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||