—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Updated the Summary section of the following advisories and released an additional advisory to provide information on a new vulnerability affecting fixed release recommendations for code trains 9.13 and 9.14.
Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2020-October-23.
The following PSIRT security advisories (8 High) were published at 01:07 UTC today.
Table of Contents:
1) Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability – SIR: High
2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability – SIR: High
3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability – SIR: High
4) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability – SIR: High
5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability – SIR: High
6) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability – SIR: High
7) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability – SIR: High
8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability – SIR: High
+——————————————————————–
1) Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability
CVE-2020-27124
SIR: High
CVSS Score v(3.1): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssl-dos-7uZWwSEy”]
+——————————————————————–
2) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability
CVE-2020-3572
SIR: High
CVSS Score v(3.1): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T”]
+——————————————————————–
3) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability
CVE-2020-3554
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx”]
+——————————————————————–
4) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability
CVE-2020-3529
SIR: High
CVSS Score v(3.1): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx”]
+——————————————————————–
5) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability
CVE-2020-3528
SIR: High
CVSS Score v(3.1): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r”]
+——————————————————————–
6) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IP Fragment Memory Leak Vulnerability
CVE-2020-3373
SIR: High
CVSS Score v(3.1): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-frag-memleak-mCtqdP9n”]
+——————————————————————–
7) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability
CVE-2020-3436
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys”]
+——————————————————————–
8) Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability
CVE-2020-3304
SIR: High
CVSS Score v(3.0): 8.6
URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw”]
—–BEGIN PGP SIGNATURE—–
iQKDBAEBAgBtBQJfkjHTZhxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDIwLTIwMjEgW3JlZnJl
c2hdKSA8cHNpcnRAY2lzY28uY29tPgAKCRCbFvaOC+BFej3tD/4roiSy8WhlHgjT
Y96bH6lRvgnRQGkNNS2RhKiKlGA4+uFg2uXmVf/WVpyR2WGvTMArihErJu2fgdNJ
Cd8ip3VRrt5iNy+2V1O/ByDvX3Cn7W7LkKKobMJPUX6TnFB05cdMPRxf1GpHVqUb
JMc27iFyLF+n7JmdF6qtKqK6z2VEhrIryb3M5EVVBh96i1pzKEMCIEmXh6l2nmav
KdLfb/9duCiwpRawa0e7KsuR9N16alvEj6Q1+fXnll1798XDMLfDnrsN8xmoguGG
sa+MkHTRz/E3ycIZW/Frbm2qLdEushh66u4Yj7UopD70xYmk2htne2lWStnXDx6n
Xf38aee3hvc19g087/Ee0CCnjru1Eizw7IBtMQfAwpvyDsjdTmmKLj0pE3v9zhOD
7u9QdYGczKoslwGdN+kQKAH6YXTmxXhsu/OW+DnAC1b9zU5aEZIPnxXvKeD6tnbM
oLisIdjmNjmApTIR5PKASDtxj15jxDfuL+qafS+tyyRMBHwW/m4FLufS8vzUQrZz
XiBQ3xi7kcAeORiV83jC+cbVnPDANPllsfOvHHWzIN9XT8WJvj8eBYXl8EJgI5js
BOYTlArFMkOQp7yuVVlEIPJvVvAQK3Vul3epHckELm1niLQ2+JFZGas8CP/lNMu6
+6tZ5sCmU9MO3X3jX9ivn5DFqG4UUA==
=HpxJ
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com