{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T17:27:12.045","vulnerabilities":[{"cve":{"id":"CVE-2020-3571","sourceIdentifier":"psirt@cisco.com","published":"2020-10-21T19:15:18.230","lastModified":"2024-11-21T05:31:20.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation upon receiving ICMP packets. An attacker could exploit this vulnerability by sending a high number of crafted ICMP or ICMPv6 packets to an affected device. A successful exploit could allow the attacker to cause a memory exhaustion condition that may result in an unexpected reload. No manual intervention is needed to recover the device after the reload."},{"lang":"es","value":"Una vulnerabilidad en el procesamiento de paquetes de entrada ICMP de Cisco Firepower Threat Defense (FTD) Software para dispositivos Cisco Firepower 4110, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una comprobación de entrada incompleta al recibir paquetes ICMP. Un atacante podría explotar esta vulnerabilidad mediante el envío de una gran cantidad de paquetes ICMP o ICMPv6 diseñados a un dispositivo afectado. Una explotación con éxito podría permitir a un atacante causar una condición de agotamiento de la memoria que puede resultar en una recarga inesperada. No se necesita ninguna intervención manual para recuperar el dispositivo después de la recarga"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV30":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3.0","versionEndExcluding":"6.3.0.6","matchCriteriaId":"9D27DE97-510A-4761-8184-6940745B54E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.0.10","matchCriteriaId":"53C69C8B-5A19-4613-8861-683CF21806B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.0","versionEndExcluding":"6.5.0.5","matchCriteriaId":"3ED0E59C-146C-494F-AD46-F6FB43F9C575"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*","matchCriteriaId":"A0CBC7F5-7767-43B6-9384-BE143FCDBD7F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*","matchCriteriaId":"957D64EB-D60E-4775-B9A8-B21CA48ED3B1"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*","matchCriteriaId":"A694AD51-9008-4AE6-8240-98B17AB527EE"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*","matchCriteriaId":"38AE6DC0-2B03-4D36-9856-42530312CC46"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*","matchCriteriaId":"71DCEF22-ED20-4330-8502-EC2DD4C9838F"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*","matchCriteriaId":"3DB2822B-B752-4CD9-A178-934957E306B4"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*","matchCriteriaId":"81F4868A-6D62-479C-9C19-F9AABDBB6B24"},{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*","matchCriteriaId":"65378F3A-777C-4AE2-87FB-1E7402F9EA1B"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmp-dos-hxxcycM","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}