CVE-2020-3191: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IPv6 DNS Denial of Service Vulnerability

First published: Wed May 06 2020(Updated: )

A vulnerability in DNS over IPv6 packet processing for Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper length validation of a field in an IPv6 DNS packet. An attacker could exploit this vulnerability by sending a crafted DNS query over IPv6, which traverses the affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to DNS over IPv6 traffic only.

Credit: ykramarz@cisco.com ykramarz@cisco.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-api
• collector/nvd-index
• agent/author
• agent/type
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/references
• agent/severity
• agent/weakness
• agent/title
• agent/tags
• agent/description
• agent/first-publish-date
• agent/event
• vendor/cisco
• canonical/cisco firepower threat defense
• version/cisco firepower threat defense/6.2.3
• version/cisco firepower threat defense/6.3.0
• version/cisco firepower threat defense/6.4.0
• canonical/cisco asa 5505 firmware
• version/cisco asa 5505 firmware/9.4\(1\)
• version/cisco asa 5505 firmware/96.4\(0.42\)
• canonical/cisco asa 5505
• canonical/cisco asa 5510 firmware
• version/cisco asa 5510 firmware/9.4\(1\)
• version/cisco asa 5510 firmware/96.4\(0.42\)
• canonical/cisco asa 5510
• canonical/cisco asa 5512-x firmware
• version/cisco asa 5512-x firmware/9.4\(1\)
• version/cisco asa 5512-x firmware/96.4\(0.42\)
• canonical/cisco asa 5512-x
• canonical/cisco asa 5515-x firmware
• version/cisco asa 5515-x firmware/9.4\(1\)
• version/cisco asa 5515-x firmware/96.4\(0.42\)
• canonical/cisco asa 5515-x
• canonical/cisco asa 5520 firmware
• version/cisco asa 5520 firmware/9.4\(1\)
• version/cisco asa 5520 firmware/96.4\(0.42\)
• canonical/cisco asa 5520
• canonical/cisco asa 5525-x firmware
• version/cisco asa 5525-x firmware/9.4\(1\)
• version/cisco asa 5525-x firmware/96.4\(0.42\)
• canonical/cisco asa 5525-x
• canonical/cisco asa 5540 firmware
• version/cisco asa 5540 firmware/9.4\(1\)
• version/cisco asa 5540 firmware/96.4\(0.42\)
• canonical/cisco asa 5540
• canonical/cisco asa 5545-x firmware
• version/cisco asa 5545-x firmware/9.4\(1\)
• version/cisco asa 5545-x firmware/96.4\(0.42\)
• canonical/cisco asa 5545-x
• canonical/cisco asa 5550 firmware
• version/cisco asa 5550 firmware/9.4\(1\)
• version/cisco asa 5550 firmware/96.4\(0.42\)
• canonical/cisco asa 5550
• canonical/cisco asa 5555-x firmware
• version/cisco asa 5555-x firmware/9.4\(1\)
• version/cisco asa 5555-x firmware/96.4\(0.42\)
• canonical/cisco asa 5555-x
• canonical/cisco asa 5580 firmware
• version/cisco asa 5580 firmware/9.4\(1\)
• version/cisco asa 5580 firmware/96.4\(0.42\)
• canonical/cisco asa 5580
• canonical/cisco asa 5585-x firmware
• version/cisco asa 5585-x firmware/9.4\(1\)
• version/cisco asa 5585-x firmware/96.4\(0.42\)
• canonical/cisco asa 5585-x
• canonical/cisco adaptive security appliance software
• version/cisco adaptive security appliance software/9.6
• version/cisco adaptive security appliance software/9.8
• version/cisco adaptive security appliance software/9.9
• version/cisco adaptive security appliance software/9.10
• version/cisco adaptive security appliance software/9.12