CVE-2020-3179

HIGH

Cisco Firepower Threat Defense - DoS

Title source: llm

Description

A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition.

References (1)

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-2-sS2h7aWe

Scores

CVSS v3 7.5

EPSS 0.0116

EPSS Percentile 78.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-415

Status published

Affected Products (25)

cisco/firepower_threat_defense < 6.3.0.5

cisco/asa_5505_firmware

cisco/asa_5510_firmware

cisco/asa_5512-x_firmware

cisco/asa_5515-x_firmware

cisco/asa_5520_firmware

cisco/asa_5525-x_firmware

cisco/asa_5540_firmware

... and 10 more

Timeline

Published May 06, 2020

Tracked Since Feb 18, 2026