Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload.

Published

2020-10-21T19:15:15.513

Last Modified

2024-11-21T05:30:45.790

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-693
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	firepower_threat_defense	< 6.3.0.1	Yes
Application	cisco	cloud_services_router_1000v	-	No
Application	cisco	isrv	-	No
Hardware	cisco	1100-4p	-	No
Hardware	cisco	1100-8p	-	No
Hardware	cisco	1101-4p	-	No
Hardware	cisco	1109-2p	-	No
Hardware	cisco	1109-4p	-	No
Hardware	cisco	1111x-8p	-	No
Hardware	cisco	4221_integrated_services_router	-	No
Hardware	cisco	4331_integrated_services_router	-	No
Hardware	cisco	4431_integrated_services_router	-	No
Hardware	cisco	4461_integrated_services_router	-	No
Hardware	cisco	isa_3000	-	No
Hardware	cisco	meraki_mx	-	No
Application	snort	snort	< 2.9.13.1	Yes

References

https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j Vendor Advisory ([email protected])
https://www.debian.org/security/2023/dsa-5354 ([email protected])
https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html (af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5354 (af854a3a-2127-422b-91ae-364da2661108)