A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.
This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 07:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.8 |
11 Aug 2023, 21:02
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:asyncos:11.8.1-023:*:*:*:*:*:*:* cpe:2.3:h:cisco:s395:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s690:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s390:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.8.3-021:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.3-014:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.1-006:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.2-011:*:*:*:*:*:*:* cpe:2.3:h:cisco:s695:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s190:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.2-007:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s680:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.0-406:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.8.3-018:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.5.0-498:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.4-005:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.4-005:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.2-012:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.1-049:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.0.1-268:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.1-011:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.5-004:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s380:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.0.3-007:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s690x:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.5.1-016:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.5.1-008:*:*:*:*:*:*:* cpe:2.3:h:cisco:s195:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s170:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.1-020:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.0-418:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.8.0-414:*:*:*:*:*:*:* |
|
First Time |
Cisco web Security Appliance S690x
Cisco web Security Appliance S380 Cisco s395 Cisco web Security Appliance S190 Cisco web Security Appliance S170 Cisco s195 Cisco web Security Appliance S680 Cisco s695 Cisco asyncos Cisco web Security Appliance S390 Cisco Cisco web Security Appliance S690 |
|
References | (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj - Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
03 Aug 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-03 22:15
Updated : 2024-11-21 07:40
NVD link : CVE-2023-20215
Mitre link : CVE-2023-20215
CVE.ORG link : CVE-2023-20215
JSON object : View
Products Affected
cisco
- web_security_appliance_s690x
- web_security_appliance_s390
- asyncos
- s195
- s395
- web_security_appliance_s380
- web_security_appliance_s690
- web_security_appliance_s680
- web_security_appliance_s170
- web_security_appliance_s190
- s695
CWE