Cisco ASA 5585-X Firmware 101.6(1.96)

CPE Details

Cisco ASA 5585-X Firmware 101.6(1.96)
cisco
asa_5585-x_firmware
101.6\(1.96\)
2021-01-11
14h48 +00:00
2021-01-11
14h48 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:cisco:asa_5585-x_firmware:101.6\(1.96\):*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

asa_5585-x_firmware

Version

101.6\(1.96\)

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-3188 2020-05-06 16h41 +00:00 A vulnerability in how Cisco Firepower Threat Defense (FTD) Software handles session timeouts for management connections could allow an unauthenticated, remote attacker to cause a buildup of remote management connections to an affected device, which could result in a denial of service (DoS) condition. The vulnerability exists because the default session timeout period for specific to-the-box remote management connections is too long. An attacker could exploit this vulnerability by sending a large and sustained number of crafted remote management connections to an affected device, resulting in a buildup of those connections over time. A successful exploit could allow the attacker to cause the remote management interface or Cisco Firepower Device Manager (FDM) to stop responding and cause other management functions to go offline, resulting in a DoS condition. The user traffic that is flowing through the device would not be affected, and the DoS condition would be isolated to remote management only.
5.3
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.