—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Updated the Summary section of the following advisories and released an additional advisory to provide information on a new vulnerability affecting fixed release recommendations for code trains 9.13 and 9.14.

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-October-23.

The following PSIRT security advisories (8 High) were published at 01:07 UTC today.

Table of Contents:

1) Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability – SIR: High

2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability – SIR: High

3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability – SIR: High

4) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability – SIR: High

5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability – SIR: High

6) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability – SIR: High

7) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability – SIR: High

8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability – SIR: High

+——————————————————————–

1) Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability

CVE-2020-27124

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy”]

+——————————————————————–

2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability

CVE-2020-3572

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T”]

+——————————————————————–

3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability

CVE-2020-3554

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx”]

+——————————————————————–

4) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability

CVE-2020-3529

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx”]

+——————————————————————–

5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability

CVE-2020-3528

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r”]

+——————————————————————–

6) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability

CVE-2020-3373

SIR: High

CVSS Score v(3.1): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n”]

+——————————————————————–

7) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability

CVE-2020-3436

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys”]

+——————————————————————–

8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

CVE-2020-3304

SIR: High

CVSS Score v(3.0): 8.6

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw”]

—–BEGIN PGP SIGNATURE—–

iQKDBAEBAgBtBQJfkjHTZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFej3tD/4roiSy8WhlHgjT
Y96bH6lRvgnRQGkNNS2RhKiKlGA4+uFg2uXmVf/WVpyR2WGvTMArihErJu2fgdNJ
Cd8ip3VRrt5iNy+2V1O/ByDvX3Cn7W7LkKKobMJPUX6TnFB05cdMPRxf1GpHVqUb
JMc27iFyLF+n7JmdF6qtKqK6z2VEhrIryb3M5EVVBh96i1pzKEMCIEmXh6l2nmav
KdLfb/9duCiwpRawa0e7KsuR9N16alvEj6Q1+fXnll1798XDMLfDnrsN8xmoguGG
sa+MkHTRz/E3ycIZW/Frbm2qLdEushh66u4Yj7UopD70xYmk2htne2lWStnXDx6n
Xf38aee3hvc19g087/Ee0CCnjru1Eizw7IBtMQfAwpvyDsjdTmmKLj0pE3v9zhOD
7u9QdYGczKoslwGdN+kQKAH6YXTmxXhsu/OW+DnAC1b9zU5aEZIPnxXvKeD6tnbM
oLisIdjmNjmApTIR5PKASDtxj15jxDfuL+qafS+tyyRMBHwW/m4FLufS8vzUQrZz
XiBQ3xi7kcAeORiV83jC+cbVnPDANPllsfOvHHWzIN9XT8WJvj8eBYXl8EJgI5js
BOYTlArFMkOQp7yuVVlEIPJvVvAQK3Vul3epHckELm1niLQ2+JFZGas8CP/lNMu6
+6tZ5sCmU9MO3X3jX9ivn5DFqG4UUA==
=HpxJ
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com