A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.
This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
References
Link | Resource |
---|---|
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
11 Aug 2023, 21:02
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.3 |
First Time |
Cisco web Security Appliance S690x
Cisco web Security Appliance S380 Cisco s395 Cisco web Security Appliance S190 Cisco web Security Appliance S170 Cisco s195 Cisco web Security Appliance S680 Cisco s695 Cisco asyncos Cisco web Security Appliance S390 Cisco Cisco web Security Appliance S690 |
|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj - Vendor Advisory | |
CPE | cpe:2.3:o:cisco:asyncos:11.8.1-023:*:*:*:*:*:*:* cpe:2.3:h:cisco:s395:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s690:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s390:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.8.3-021:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.3-014:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.1-006:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.2-011:*:*:*:*:*:*:* cpe:2.3:h:cisco:s695:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s190:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.2-007:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s680:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.0-406:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.8.3-018:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.5.0-498:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.4-005:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.4-005:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.0.2-012:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.1-049:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.0.1-268:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.1-011:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.5.5-004:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s380:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:12.0.3-007:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s690x:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.5.1-016:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:14.5.1-008:*:*:*:*:*:*:* cpe:2.3:h:cisco:s195:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:web_security_appliance_s170:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.1-020:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.7.0-418:*:*:*:*:*:*:* cpe:2.3:o:cisco:asyncos:11.8.0-414:*:*:*:*:*:*:* |
03 Aug 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-03 22:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-20215
Mitre link : CVE-2023-20215
CVE.ORG link : CVE-2023-20215
JSON object : View
Products Affected
cisco
- web_security_appliance_s190
- asyncos
- web_security_appliance_s690
- web_security_appliance_s680
- web_security_appliance_s380
- web_security_appliance_s690x
- web_security_appliance_s170
- s195
- s695
- s395
- web_security_appliance_s390
CWE