CVE-2020-3186

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense (FTD) Software (affected versions not specified)

Description A vulnerability in the management access list configuration could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The issue arises from the configuration of different management access lists, where ports are allowed in one list and denied in another. An attacker could exploit this by sending crafted remote management traffic to the local IP address of an affected system, potentially allowing them to bypass the configured management access list policies and improperly deny traffic to the management interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.