How severe is CVE-2020-3283?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.6 out of 10.

What type of vulnerability is CVE-2020-3283?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2020-3283

HIGH Year: 2020

CVSS v3 Score

8.6

High

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-119

View all →

Vulnerability Description

A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) handler of Cisco Firepower Threat Defense (FTD) Software when running on the Cisco Firepower 1000 Series platform could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a communication error between internal functions. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message to an affected device. A successful exploit could allow the attacker to cause a buffer underrun, which leads to a crash. The crash causes the affected device to reload.

CVE-2015-5259

HIGH

CVSS:8.6(High)

Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which t...

CWE-1192015

CVE-2016-4330

HIGH

CVSS:8.6(High)

In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, p...

CWE-1192016

CVE-2016-4333

HIGH

CVSS:8.6(High)

The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's termi...

CWE-1192016

CVE-2016-5814

HIGH

CVSS:8.6(High)

Buffer overflow in Rockwell Automation RSLogix Micro Starter Lite, RSLogix Micro Developer, RSLogix 500 Starter Edition, RSLogix 500 Standard Edition, and RSLogix 500 Professional Edition allows remot...

CWE-1192016

CVE-2017-12293

HIGH

CVSS:8.6(High)

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the...

CWE-1192017

CVE-2017-2795

HIGH

CVSS:8.6(High)

An exploitable heap corruption vulnerability exists in the Txo functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption result...

CWE-1192017

CVE-2020-3283

Vulnerability Description

Related Vulnerabilities

CVE-2015-5259

CVE-2016-4330

CVE-2016-4333

CVE-2016-5814

CVE-2017-12293

CVE-2017-2795