CVE-2023-20071

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

5.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:2.0:-:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:cisco:cyber_vision:*:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:-:*:*:*:*:*:*:*
History

09 Nov 2023, 18:30

Type Values Removed Values Added
References (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM - (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM - Vendor Advisory
CPE cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:snort:snort:2.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:cyber_vision:*:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Cisco cyber Vision
Cisco meraki Mx Security Appliance Firmware
Snort
Cisco unified Threat Defense
Cisco
Snort snort
Cisco firepower Threat Defense
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.8

01 Nov 2023, 18:17

Type Values Removed Values Added
New CVE
Information

Published : 2023-11-01 18:15

Updated : 2024-02-28 20:33

NVD link : CVE-2023-20071

Mitre link : CVE-2023-20071

CVE.ORG link : CVE-2023-20071

JSON object : View

Products Affected

cisco

  • cyber_vision
  • unified_threat_defense
  • firepower_threat_defense
  • meraki_mx_security_appliance_firmware

snort

  • snort
CWE
NVD-CWE-noinfo CWE-1039

Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024