CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3299

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.0%

CVSS Severity

CVSS v3 Score 5.8

CVSS v2 Score 5.0

References

Products affected by CVE-2020-3299

Cisco » Cloud Services Router 1000v » Version: N/A

cpe:2.3:a:cisco:cloud_services_router_1000v:-
Cisco » Firepower Threat Defense » Version: 6.0.0

cpe:2.3:a:cisco:firepower_threat_defense:6.0.0
Cisco » Firepower Threat Defense » Version: 6.0.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.0.0.1
Cisco » Firepower Threat Defense » Version: 6.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1
Cisco » Firepower Threat Defense » Version: 6.0.1.1

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.1
Cisco » Firepower Threat Defense » Version: 6.0.1.2

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.2
Cisco » Firepower Threat Defense » Version: 6.0.1.3

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.3
Cisco » Firepower Threat Defense » Version: 6.0.1.4

cpe:2.3:a:cisco:firepower_threat_defense:6.0.1.4
Cisco » Firepower Threat Defense » Version: 6.1.0

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0
Cisco » Firepower Threat Defense » Version: 6.1.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.1
Cisco » Firepower Threat Defense » Version: 6.1.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.2
Cisco » Firepower Threat Defense » Version: 6.1.0.3

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.3
Cisco » Firepower Threat Defense » Version: 6.1.0.4

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.4
Cisco » Firepower Threat Defense » Version: 6.1.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.5
Cisco » Firepower Threat Defense » Version: 6.1.0.6

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.6
Cisco » Firepower Threat Defense » Version: 6.1.0.7

cpe:2.3:a:cisco:firepower_threat_defense:6.1.0.7
Cisco » Firepower Threat Defense » Version: 6.2.0

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0
Cisco » Firepower Threat Defense » Version: 6.2.0.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.1
Cisco » Firepower Threat Defense » Version: 6.2.0.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.2
Cisco » Firepower Threat Defense » Version: 6.2.0.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.3
Cisco » Firepower Threat Defense » Version: 6.2.0.4

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.4
Cisco » Firepower Threat Defense » Version: 6.2.0.5

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.5
Cisco » Firepower Threat Defense » Version: 6.2.0.6

cpe:2.3:a:cisco:firepower_threat_defense:6.2.0.6
Cisco » Firepower Threat Defense » Version: 6.2.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.1
Cisco » Firepower Threat Defense » Version: 6.2.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2
Cisco » Firepower Threat Defense » Version: 6.2.2.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.1
Cisco » Firepower Threat Defense » Version: 6.2.2.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.2
Cisco » Firepower Threat Defense » Version: 6.2.2.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.3
Cisco » Firepower Threat Defense » Version: 6.2.2.4

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.4
Cisco » Firepower Threat Defense » Version: 6.2.2.5

cpe:2.3:a:cisco:firepower_threat_defense:6.2.2.5
Cisco » Firepower Threat Defense » Version: 6.2.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3
Cisco » Firepower Threat Defense » Version: 6.2.3.0

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.0
Cisco » Firepower Threat Defense » Version: 6.2.3.1

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1
Cisco » Firepower Threat Defense » Version: 6.2.3.10

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10
Cisco » Firepower Threat Defense » Version: 6.2.3.11

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11
Cisco » Firepower Threat Defense » Version: 6.2.3.12

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12
Cisco » Firepower Threat Defense » Version: 6.2.3.13

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13
Cisco » Firepower Threat Defense » Version: 6.2.3.14

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14
Cisco » Firepower Threat Defense » Version: 6.2.3.15

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15
Cisco » Firepower Threat Defense » Version: 6.2.3.16

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16
Cisco » Firepower Threat Defense » Version: 6.2.3.17

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17
Cisco » Firepower Threat Defense » Version: 6.2.3.18

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18
Cisco » Firepower Threat Defense » Version: 6.2.3.2

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2
Cisco » Firepower Threat Defense » Version: 6.2.3.3

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3
Cisco » Firepower Threat Defense » Version: 6.2.3.4

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4
Cisco » Firepower Threat Defense » Version: 6.2.3.5

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5
Cisco » Firepower Threat Defense » Version: 6.2.3.6

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6
Cisco » Firepower Threat Defense » Version: 6.2.3.7

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7
Cisco » Firepower Threat Defense » Version: 6.2.3.8

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8
Cisco » Firepower Threat Defense » Version: 6.2.3.9

cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9
Cisco » Firepower Threat Defense » Version: 6.3.0

cpe:2.3:a:cisco:firepower_threat_defense:6.3.0
Cisco » Isrv » Version: N/A

cpe:2.3:a:cisco:isrv:-
Snort » Snort » Version: N/A

cpe:2.3:a:snort:snort:-
Snort » Snort » Version: 1.6

cpe:2.3:a:snort:snort:1.6
Snort » Snort » Version: 1.8.0

cpe:2.3:a:snort:snort:1.8.0
Snort » Snort » Version: 1.8.1

cpe:2.3:a:snort:snort:1.8.1
Snort » Snort » Version: 1.8.2

cpe:2.3:a:snort:snort:1.8.2
Snort » Snort » Version: 1.8.3

cpe:2.3:a:snort:snort:1.8.3
Snort » Snort » Version: 1.8.4

cpe:2.3:a:snort:snort:1.8.4
Snort » Snort » Version: 1.8.5

cpe:2.3:a:snort:snort:1.8.5
Snort » Snort » Version: 1.8.6

cpe:2.3:a:snort:snort:1.8.6
Snort » Snort » Version: 1.8.7

cpe:2.3:a:snort:snort:1.8.7
Snort » Snort » Version: 1.9.0

cpe:2.3:a:snort:snort:1.9.0
Snort » Snort » Version: 1.9.1

cpe:2.3:a:snort:snort:1.9.1
Snort » Snort » Version: 2.0

cpe:2.3:a:snort:snort:2.0
Snort » Snort » Version: 2.6.1

cpe:2.3:a:snort:snort:2.6.1
Snort » Snort » Version: 2.6.1.1

cpe:2.3:a:snort:snort:2.6.1.1
Snort » Snort » Version: 2.6.1.2

cpe:2.3:a:snort:snort:2.6.1.2
Snort » Snort » Version: 2.6.2

cpe:2.3:a:snort:snort:2.6.2
Snort » Snort » Version: 2.7_beta1

cpe:2.3:a:snort:snort:2.7_beta1
Snort » Snort » Version: 2.9.11.1

cpe:2.3:a:snort:snort:2.9.11.1
Snort » Snort » Version: 2.9.12.0

cpe:2.3:a:snort:snort:2.9.12.0
Snort » Snort » Version: 2.9.13.0

cpe:2.3:a:snort:snort:2.9.13.0
Cisco » 1100-4p » Version: N/A

cpe:2.3:h:cisco:1100-4p:-
Cisco » 1100-8p » Version: N/A

cpe:2.3:h:cisco:1100-8p:-
Cisco » 1101-4p » Version: N/A

cpe:2.3:h:cisco:1101-4p:-
Cisco » 1109-2p » Version: N/A

cpe:2.3:h:cisco:1109-2p:-
Cisco » 1109-4p » Version: N/A

cpe:2.3:h:cisco:1109-4p:-
Cisco » 1111x-8p » Version: N/A

cpe:2.3:h:cisco:1111x-8p:-
Cisco » 4221 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4221_integrated_services_router:-
Cisco » 4331 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4331_integrated_services_router:-
Cisco » 4431 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4431_integrated_services_router:-
Cisco » 4461 Integrated Services Router » Version: N/A

cpe:2.3:h:cisco:4461_integrated_services_router:-
Cisco » Isa 3000 » Version: N/A

cpe:2.3:h:cisco:isa_3000:-
Cisco » Meraki Mx » Version: N/A

cpe:2.3:h:cisco:meraki_mx:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3299

Products

Pricing

Contact Us