PT-2020-2505 · Cisco · Cisco Ftd+1

Published: 2020-05-06 · Updated: 2021-08-12 · CVE-2020-3188

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description

The issue is related to errors in resource management, which could allow a remote attacker to cause a denial of service (DoS) condition by creating a large number of remote management connections on the vulnerable device. The vulnerability exists due to a long default session timeout period for specific remote management connections. An attacker could exploit this by sending a large and sustained number of crafted remote management connections, resulting in a buildup of connections over time. This could cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding, with other management functions going offline, resulting in a DoS condition. The DoS condition would be isolated to remote management only, and user traffic flowing through the device would not be affected.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficient Session Expiration

RCE

Weakness Enumeration

Related Identifiers

BDU:2020-02516
CVE-2020-3188

Affected Products

Cisco Firepower Device Manager
Cisco Ftd