—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-May-06.
The following PSIRT security advisories (12 High) were published at 16:00 UTC today.
Table of Contents:
1) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability – SIR: High
2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability – SIR: High
3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability – SIR: High
4) Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability – SIR: High
5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability – SIR: High
6) Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability – SIR: High
7) Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability – SIR: High
8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities – SIR: High
9) Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability – SIR: High
10) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability – SIR: High
11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability – SIR: High
12) Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability – SIR: High
+——————————————————————–
1) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability
CVE-2020-3259
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB”]
+——————————————————————–
2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF Packets Processing Memory Leak Vulnerability
CVE-2020-3195
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-memleak-DHpsgfnv”]
+——————————————————————–
3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability
CVE-2020-3196
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-vpn-dos-qY7BHpjN”]
+——————————————————————–
4) Cisco Firepower 1000 Series SSL/TLS Denial of Service Vulnerability
CVE-2020-3283
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-4v5nmWtZ”]
+——————————————————————–
5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability
CVE-2020-3298
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ospf-dos-RhMQY8qx”]
+——————————————————————–
6) Cisco Firepower Threat Defense Software Generic Routing Encapsulation Tunnel IPv6 Denial of Service Vulnerability
CVE-2020-3179
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe”]
+——————————————————————–
7) Cisco Firepower Threat Defense Software Packet Flood Denial of Service Vulnerability
CVE-2020-3255
SIR: High
CVSS Score v(3.0): 7.5
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-N2vQZASR”]
+——————————————————————–
8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Media Gateway Control Protocol Denial of Service Vulnerabilities
CVE-2020-3254
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgcp-SUqB8VKH”]
+——————————————————————–
9) Cisco Firepower Threat Defense Software VPN System Logging Denial of Service Vulnerability
CVE-2020-3189
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-Rdpe34sd8”]
+——————————————————————–
10) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability
CVE-2020-3191
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ipv6-67pA658k”]
+——————————————————————–
11) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Path Traversal Vulnerability
CVE-2020-3187
SIR: High
CVSS Score v(3.0): 9.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43 [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43”]
+——————————————————————–
12) Cisco Adaptive Security Appliance Software Kerberos Authentication Bypass Vulnerability
CVE-2020-3125
SIR: High
CVSS Score v(3.0): 8.1
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-asa-kerberos-bypass-96Gghe2sS”]
—–BEGIN PGP SIGNATURE—–
iQJ5BAEBAgBjBQJesuFbXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEpIDxwc2ly
dEBjaXNjby5jb20+AAoJELm9eRtXgZjIJZMQAI6XOV0DKZPOpVYo5JoQ56STeupA
zxZ0+GodVF+B80/5CIw5ZMSnGQIV6FnGw/z9uSG5PEk0mAuDxOOOHrMUCBYc277O
1sLJIzebHL9afLESTv4A/bcBsoyYojm05e5xfFanuuxvqU3uGUGsWhvI0nb4LP1f
XX+sy3pQ7i1mto5FdJiaEpwqJOqe0bmL1lyTw94NYgR31QFP0lJ2MEwi86PtTKmG
rWsKNppjy32etXjU5JKr4278LrDSUab0lQkQ40PlUFo3KDKaIHDHzDkGqmMmc4ZG
qkmP1P63Mdpq8LKy2LR9qk+dpBpbzWPGNo7AybbjZEH7Shrow8f+/CUIpzBm83GN
TxYjgsbQI7z3/JnhXXMoG3X0Rahv+QPibvaxOPfjnGitLsM40iH17E/XAa0CW1dY
1HgzY8XETstSGSQds1vVyEiUwRoc0nPPFz5y5dQRFgaD3a3eUcJKZ4kF1APt0pUp
MgMWk/lxDQ6xzmyEMSbCMgPh4FmVPv5g6/AqixH1Sxq41uNPXzeY9mREkzr4YGx+
O7qXqJHlcz/+kV6SfKBjXJC2o9AXvTzlgPWmQUZy8EGCpTRb7kEQg2yXT9wdw1c2
NZI6/Jm4WeW0fOUg//Z7oXNBTgw6oU3iTwkpaOxs4dzDav1PfGsYxaHTcdtzxA/S
HIIOtc7gnUaAfoU4
=lOxq
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com