CVE-2020-3298
Summary
| CVE | CVE-2020-3298 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-05-06 17:15:00 UTC |
| Updated | 2023-08-16 16:17:00 UTC |
| Description | A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Application | Cisco | Adaptive Security Appliance | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Operating System | Cisco | Adaptive Security Appliance Software | All | All | All | All |
| Hardware | Cisco | Asa 5506-x | - | All | All | All |
| Hardware | Cisco | Asa 5506-x | - | All | All | All |
| Hardware | Cisco | Asa 5506h-x | - | All | All | All |
| Hardware | Cisco | Asa 5506h-x | - | All | All | All |
| Hardware | Cisco | Asa 5506w-x | - | All | All | All |
| Hardware | Cisco | Asa 5506w-x | - | All | All | All |
| Hardware | Cisco | Asa 5508-x | - | All | All | All |
| Hardware | Cisco | Asa 5508-x | - | All | All | All |
| Hardware | Cisco | Asa 5516-x | - | All | All | All |
| Hardware | Cisco | Asa 5516-x | - | All | All | All |
| Hardware | Cisco | Asa 5525-x | - | All | All | All |
| Hardware | Cisco | Asa 5525-x | - | All | All | All |
| Hardware | Cisco | Asa 5545-x | - | All | All | All |
| Hardware | Cisco | Asa 5545-x | - | All | All | All |
| Hardware | Cisco | Asa 5555-x | - | All | All | All |
| Hardware | Cisco | Asa 5555-x | - | All | All | All |
| Application | Cisco | Firepower Threat Defense | All | All | All | All |
| Application | Cisco | Firepower Threat Defense | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Malformed OSPF Packets Processing Denial of Service Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.