CVE-2020-3310
CVE-2020-3310 is a medium-severity vulnerability in Cisco Firepower Device Manager On-box with a CVSS 3.x base score of 4.9. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-119.
Key facts
- Severity: Medium (CVSS 3.x base score 4.9)
- CVSS v2: 6.8
- EPSS exploit prediction: 1% (65th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-119
- Affected product: Cisco Firepower Device Manager On-box
- Published:
- Last modified:
Description
A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways using a malicious file: An attacker with administrative privileges could upload a malicious XML file on the system and cause the XML code to parse the malicious file. An attacker with Clientless Secure Sockets Layer (SSL) VPN access could exploit this vulnerability by sending a crafted XML file. A successful exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system.
Frequently asked questions
- What is CVE-2020-3310?
- A vulnerability in the XML parser code of Cisco Firepower Device Manager On-Box software could allow an authenticated, remote attacker to cause an affected system to become unstable or reload. The vulnerability is due to insufficient hardening of the XML parser configuration. An attacker could exploit this vulnerability in multiple ways using a malicious file: An attacker with administrative privileges could upload a malicious XML file on the system and cause the XML code to parse the malicious file. An attacker with Clientless Secure Sockets Layer (SSL) VPN access could exploit this vulnerability by sending a crafted XML file. A successful exploit would allow the attacker to crash the XML parser process, which could cause system instability, memory exhaustion, and in some cases lead to a reload of the affected system.
- How severe is CVE-2020-3310?
- CVE-2020-3310 has a CVSS 3.x base score of 4.9, rated medium severity. It is exploitable over network with low attack complexity, requires high privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability high.
- Is CVE-2020-3310 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (65th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2020-3310?
- CVE-2020-3310 affects Cisco Firepower Device Manager On-box. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2020-3310?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2020-3310 published?
- CVE-2020-3310 was published on 2020-05-06 and last updated on 2026-06-17.
References
Affected products (1)
- cpe:2.3:a:cisco:firepower_device_manager_on-box:*:*:*:*:*:*:*:*
More vulnerabilities in Cisco Firepower Device Manager On-box
- CVE-2020-3309 — High (CVSS 7.2): A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker…
- CVE-2021-1518 — Medium (CVSS 6.3): A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated,…
All CVEs affecting Cisco Firepower Device Manager On-box →
Other CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) vulnerabilities
- CVE-2026-2778 — Critical (CVSS 10.0): Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in…
- CVE-2026-2776 — Critical (CVSS 10.0): Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability…
- CVE-2025-1866 — Critical (CVSS 10.0): Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows…
- CVE-2022-27625 — Critical (CVSS 10.0): A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the…
- CVE-2022-27624 — Critical (CVSS 10.0): A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the…
- CVE-2020-11896 — Critical (CVSS 10.0): The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.