Scribd
Upload
103 views8 pages

Vulnerability Information For Multiple Cisco Vulnerabilities - EP

The document contains a list of Common Vulnerabilities and Exposures (CVEs), their associated CVSS base scores, and vulnerability ratings. Most of the CVEs are rated as high severity, while some are rated as medium severity. The CVEs appear to primarily relate to vulnerabilities found in Cisco networking products including Cisco ASA Software, Cisco FTD Software, Cisco SMA Software, and Cisco Firepower Management Center (FMC) Software.

Uploaded by

eddie pang
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
103 views8 pages

Vulnerability Information For Multiple Cisco Vulnerabilities - EP

The document contains a list of Common Vulnerabilities and Exposures (CVEs), their associated CVSS base scores, and vulnerability ratings. Most of the CVEs are rated as high severity, while some are rated as medium severity. The CVEs appear to primarily relate to vulnerabilities found in Cisco networking products including Cisco ASA Software, Cisco FTD Software, Cisco SMA Software, and Cisco Firepower Management Center (FMC) Software.

Uploaded by

eddie pang
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as XLSX, PDF, TXT or read online on Scribd
You are on page 1/ 8

CVE CVSS Base Score GITSIR’s Rating *

CVE-2020-3125 8.1 High


CVE-2020-3178 6.1 Medium
CVE-2020-3179 8.6 High
CVE-2020-3186 5.3 Medium
CVE-2020-3187 9.1 High
CVE-2020-3188 5.3 Medium
CVE-2020-3189 8.6 High
CVE-2020-3191 8.6 High
CVE-2020-3195 8.6 High
CVE-2020-3196 8.6 High
CVE-2020-3246 4.7 Medium
CVE-2020-3253 6.7 Medium
CVE-2020-3254 8.6 High
CVE-2020-3255 7.5 Medium
CVE-2020-3256 4.9 Medium
CVE-2020-3259 7.5 Medium
CVE-2020-3283 8.6 High
CVE-2020-3285 5.8 Medium
CVE-2020-3298 8.6 High
CVE-2020-3301
8.1 High
CVE-2020-3318
CVE-2020-3302 6.8 Medium
CVE-2020-3303 6.8 Medium
CVE-2020-3305 6.8 Medium
CVE-2020-3306 6.8 Medium
CVE-2020-3307 5.3 Medium
CVE-2020-3308 4.9 Medium
CVE-2020-3309 6.5 Medium
CVE-2020-3310 5.5 Medium
CVE-2020-3311 4.3 Medium
CVE-2020-3312 5.8 Medium
CVE-2020-3313 6.5 Medium

CVE-2020-3315 5.8 Medium

CVE-2020-3329 4.3 Medium


CVE-2020-3334 7.4 Medium
CVE-2019-16011 7.8 Medium
Vulnerability Information
Affected Products
Cisco products if they are running Cisco ASA Software with Kerberos authentication configured for VPN or local device access.
Cisco SMA Software releases earlier than Release 13.6.
Cisco FTD Software releases 6.3.0 and 6.4.0.
Cisco FTD Software code trains 6.3.0, 6.4.0, and 6.5.0.
Cisco products if they are running a vulnerable release of Cisco ASA Software or FTD Software
Cisco FTD Software releases earlier than Release 6.4.0.9 and Release 6.5.0.5.
Cisco FTD Software releases 6.2.3.12, 6.2.3.13, 6.2.3.14, and 6.2.3.15 if VPN System Logging is configured.
Vulnerable releases of Cisco ASA Software or FTD Software when configured with the IPv6 protocol.
Vulnerable release of Cisco ASA Software or Cisco FTD Software
Cisco products if they are running a vulnerable release of Cisco ASA Software or FTD Software
Cisco Umbrella, which is cloud based.
Cisco FTD Software releases earlier than Release 6.5.0.
Cisco products if they are running a vulnerable release of Cisco ASA Software or Cisco FTD Software
Vulnerable release of Cisco FTD Software and are configured with an access control policy to block certain types of traffic.
Cisco HCM-F Software releases earlier than Release 12.5(1)SU2.
Vulnerable release of Cisco ASA Software or FTD Software with a vulnerable AnyConnect or WebVPN configuration.
Cisco Firepower 1000 Series appliances if they are running a vulnerable release of Cisco FTD Software
Cisco FTD Software releases 6.4.0 through 6.4.0.8 with an SSL/TLS policy with URL category configured.
Cisco products that are running a vulnerable release of Cisco ASA Software or Cisco FTD Software

Cisco FMC Software releases earlier than Release 6.5.0 if they had a Firepower User Agent Software release earlier than Relea

Cisco FMC Software releases earlier than Release 6.2.2.2.


Cisco ASA Software and FTD Software.
Cisco ASA Software and Cisco FTD Software.
Cisco ASA Software or Cisco FTD Software.
Cisco FMC Software releases earlier than Release 6.3.0.2.
Cisco FTD Software releases earlier than Release 6.2.2.1.
Cisco FDM On-Box software releases earlier than Release 6.2.3.
Cisco FDM On-Box software releases earlier than Release 6.2.3.
Cisco FMC Software releases earlier than Release 6.3.0.
Cisco FTD Software releases earlier than releases 6.2.3.15, 6.3.0.5, and 6.4.0.6.
Cisco Firepower Management Center (FMC) releases earlier than Release 6.2.2.3.

Cisco products if they were running a vulnerable release of Cisco software:


• 1000 Series Integrated Services Routers (ISRs)
• 3000 Series Industrial Security Appliances (ISAs)
• 4000 Series Integrated Services Routers (ISRs)
• Cloud Services Router 1000V Series
• Firepower Threat Defense (FTD) Software
• Integrated Services Virtual Router (ISRv)

Cisco products:
• IMC Supervisor releases 1.1.0.0 and later, earlier than Release 2.2.1.3
• UCS Director releases 5.4.0.0 and later, earlier than Release 6.7.4.0
• UCS Director Express for Big Data releases 2.0.0.0 and later, earlier than Release 3.7.4.0
Cisco Adaptive Security Appliance (ASA) Software releases earlier than releases 9.10.1.37, 9.12.3, and 9.13.1.2.
Cisco IOS XE SD-WAN Software Command Injection Vulnerability
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-opn-rdrct-yPPMdsMQ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-mgmt-interface-dos-FkG4MuTU
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-head-inject-n4QArJH
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-shell-9rhJF68K
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hcmf-xxe-qqCMAUJ2
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssl-bypass-O5tGum2n
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcua-statcred-weeCcZct

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcai-z5dQObVN
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-alfo-tHwFDmTE
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sigbypass-FcvPPCeP
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fdmfo-HvPWKxDe
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xpftd-gYDXyN8H
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-webredirect-TcFgd42y
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-infodis-kZxGtUJD
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmcxss-UT3bMx9k
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsd-Ar6BAguz
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2100-arp-dos-kLdCK8ks
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xesdwcinj-AcQ5MxCn
Not related
Not related
Not affected, plant version is v6.2.3.13
Not affected, plant version is v6.2.3.13
Not affected, anyconnect & webvpn are not being configured.
To be verified?
VPN system logging is not in used
IPv6 is not in used.
OSPF is not in used.

Not related

MGCP is not in used

Not related
Not affected, anyconnect & webvpn are not being configured.
Not related
Not affected, plant version is v6.2.3.13
OSPF is not in used.

Firepower User Agent is not in used.

Not affected, plant version is v6.2.3.13

Not affected, plant version is v6.2.3.13


Not affected, plant version is v6.2.3.13
Not affected, plant version is v6.2.3.13

Not affected, plant version is v6.2.3.13

The fixed only in version 6.6

Not related
Not related
Not related

You might also like