{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T18:54:29.554","vulnerabilities":[{"cve":{"id":"CVE-2020-3186","sourceIdentifier":"psirt@cisco.com","published":"2020-05-06T17:15:12.010","lastModified":"2024-11-21T05:30:30.277","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the management access list configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured management interface access list on an affected system. The vulnerability is due to the configuration of different management access lists, with ports allowed in one access list and denied in another. An attacker could exploit this vulnerability by sending crafted remote management traffic to the local IP address of an affected system. A successful exploit could allow the attacker to bypass the configured management access list policies, and traffic to the management interface would not be properly denied."},{"lang":"es","value":"Una vulnerabilidad en la configuración de listas de acceso de administración del Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto no autenticado omitir una lista de acceso de la interfaz de administración configurada sobre un sistema afectado. La vulnerabilidad es debido a la configuración de diferentes listas de acceso de administración, con puertos permitidos en una lista de acceso y denegados en otra. Un atacante podría explotar esta vulnerabilidad mediante el envío de tráfico de administración remota diseñado hacia la dirección IP local de un sistema afectado. Una explotación con éxito podría permitir a un atacante omitir las políticas configuradas de la lista de acceso de administración, y el tráfico a la interfaz de administración no sería denegado apropiadamente."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.3.0.6","matchCriteriaId":"9D27DE97-510A-4761-8184-6940745B54E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.0.7","matchCriteriaId":"532C5B46-89B4-4E40-A8BD-25833129995F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.0","versionEndExcluding":"6.5.0.2","matchCriteriaId":"931501EE-560C-49AD-805D-3008159E0A94"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5505_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"0955FB2F-5A43-498D-A3A0-57FAD9EC529F"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5505_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"5F7EC7AF-087E-49D2-B9F3-B46F7B7898A7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*","matchCriteriaId":"8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5510_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"C6718EFA-D405-4386-9EC6-ECD89565822F"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5510_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"1B3E851D-2555-4F14-9069-5CD4B4CE1C83"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*","matchCriteriaId":"B091B9BA-D4CA-435B-8D66-602B45F0E0BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5512-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"3F2F5397-59DF-4726-911D-A71D50D9E7FA"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5512-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"1DB1C9D9-80DC-4D69-A0EB-BC1DE689A54E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*","matchCriteriaId":"08F0F160-DAD2-48D4-B7B2-4818B2526F35"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5515-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"883C412B-1F04-46FF-9EBC-DD255E4302D1"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5515-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"D489D871-D8B4-411A-B8B8-A3B39021587B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*","matchCriteriaId":"977D597B-F6DE-4438-AB02-06BE64D71EBE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5520_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"10E0E709-E395-462B-95BC-8974A3E815F6"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5520_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"686A7C5A-96BB-4618-B1D6-A29BCF33139B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*","matchCriteriaId":"2B387F62-6341-434D-903F-9B72E7F84ECB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5525-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"DFB70CBF-1DB9-4641-BFDC-9297AFBE7BE6"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5525-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"FD413534-D294-44C3-B576-461843BE943C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*","matchCriteriaId":"EB71EB29-0115-4307-A9F7-262394FD9FB0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5540_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"0649437E-A1B5-4A0E-8112-4A730F07CC40"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5540_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"3B6AC391-238C-4CEA-B134-F921B3E6D558"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*","matchCriteriaId":"17C5A524-E1D9-480F-B655-0680AA5BF720"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5545-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"FCC88C08-817D-4188-B3BA-45947D0D2352"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5545-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"21EF6164-7625-461E-AADB-441F77F095A6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*","matchCriteriaId":"57179F60-E330-4FF0-9664-B1E4637FF210"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5550_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"2709CF0D-9E6D-4D44-B73E-80C613167F97"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5550_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"54CC2571-B9CB-48BC-9656-EACE70A50FCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*","matchCriteriaId":"E6287D95-F564-44B7-A0F9-91396D7C2C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5555-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"DEA7F888-4E4D-4883-AD60-C46937A19DC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5555-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"A4AB4464-7DC2-4FBF-A3A6-719C65582753"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*","matchCriteriaId":"5535C936-391B-4619-AA03-B35265FC15D7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5580_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"C253ECB2-6E9B-4504-B88C-51FCF9422582"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5580_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"EC4D3059-D22A-4659-9F9A-1399A3780D90"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E828B8-5ECC-4A09-B2AD-DEDC558713DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5585-x_firmware:9.12\\(1.6\\):*:*:*:*:*:*:*","matchCriteriaId":"AC16C92F-7788-42E0-80CB-2DC4864EF5F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:asa_5585-x_firmware:201.5\\(23.16\\):*:*:*:*:*:*:*","matchCriteriaId":"1BDC5ADC-6C6E-4AA0-AC0A-7CA1F5B395DF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*","matchCriteriaId":"16AE20C2-C77E-4E04-BF13-A48696E52426"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-accesslist-bypass-5dZs5qZp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}