CVE-2020-3315

{"id": "CVE-2020-3315", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2020-05-06T17:15:13.823", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html", "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "https://www.debian.org/security/2023/dsa-5354", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-693"}]}], "descriptions": [{"lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network."}, {"lang": "es", "value": "M\u00faltiples productos de Cisco est\u00e1n afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir a un atacante remoto no autenticado omitir las pol\u00edticas de archivos configuradas sobre un sistema afectado. La vulnerabilidad es debido a errores en como el motor de detecci\u00f3n Snort maneja respuestas HTTP espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes HTTP dise\u00f1ados que fluir\u00edan por medio de un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir las pol\u00edticas de archivos configuradas y entregar una carga maliciosa a la red protegida."}], "lastModified": "2023-05-23T13:55:46.380", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:2.9.14.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8D0D90F-23A5-4056-A871-A06FA1969EE5"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:2.9.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C53AE9E8-F123-42ED-BB8D-AC625E998951"}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C96EC981-446D-4741-AEE0-F615A468A7FF"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F90C934-5556-479B-873B-CC32F77B7BEC", "versionEndExcluding": "6.6.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41206465-375A-4368-B390-8C629251D597"}, {"criteria": "cpe:2.3:o:cisco:ios:16.11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76CAC6C9-6016-41B2-ADAB-0FF15E36BD43"}, {"criteria": "cpe:2.3:o:cisco:ios:17.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1ECD4BE-D7E3-4A07-B354-9E6E3B942463"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B"}, {"criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7"}, {"criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5"}, {"criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77"}, {"criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02"}, {"criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3"}, {"criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16"}, {"criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97"}, {"criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350"}, {"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A"}, {"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5"}, {"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD"}, {"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D"}, {"criteria": "cpe:2.3:h:cisco:csr1000v:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62081293-8355-4197-A5A8-1E434B808680"}, {"criteria": "cpe:2.3:h:cisco:isa-3000-2c2f-k9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC504D67-ABE7-4DA4-97DD-3D3EEE5D5208"}, {"criteria": "cpe:2.3:h:cisco:isa-3000-4c-k9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D7A3FA6-CAAB-4F64-8EC8-B12FE45D8E22"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}