A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied.
History

Fri, 15 Nov 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-05-06T16:35:11.967549Z

Updated: 2024-11-15T17:28:12.837Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3186

cve-icon Vulnrichment

Updated: 2024-08-04T07:24:00.636Z

cve-icon NVD

Status : Modified

Published: 2020-05-06T17:15:12.010

Modified: 2024-11-21T05:30:30.277

Link: CVE-2020-3186

cve-icon Redhat

No data.