CVE-2023-20071

EPSS 0.02%
Published 01.11.2023 18:15:09
Last modified 21.11.2024 07:40:29
Source psirt@cisco.com
Teams watchlist Login
Open Login

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Firepower Threat Defense Version < 6.4.0.17

Snort ≫ Snort Version2.0 Update-

Cisco ≫ Firepower Threat Defense Version >= 6.5.0 < 7.0.6

Snort ≫ Snort Version2.0 Update-

Cisco ≫ Firepower Threat Defense Version >= 7.1.0 < 7.2.4

Snort ≫ Snort Version2.0 Update-

Cisco ≫ Firepower Threat Defense Version >= 7.3.0 < 7.3.1.2

Snort ≫ Snort Version2.0 Update-

Cisco ≫ Firepower Threat Defense Version >= 6.7.0 < 7.0.5

Snort ≫ Snort Version < 3.1.32.0

Cisco ≫ Firepower Threat Defense Version >= 7.1.0 < 7.1.0.3

Snort ≫ Snort Version < 3.1.32.0

Cisco ≫ Firepower Threat Defense Version >= 7.2.0 < 7.2.1

Snort ≫ Snort Version < 3.1.32.0

Cisco ≫ Cyber Vision Version < 4.1.3

Cisco ≫ Unified Threat Defense Version >= 17.3 < 17.3.8

Cisco ≫ Unified Threat Defense Version >= 17.6 < 17.6.6

Cisco ≫ Unified Threat Defense Version >= 17.9 < 17.9.4

Cisco ≫ Unified Threat Defense Version >= 17.11 < 17.11.1a

Cisco ≫ Unified Threat Defense Version >= 17.12 < 17.12.1a

Cisco ≫ Meraki Mx Security Appliance Firmware Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.037

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.8	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
psirt@cisco.com	5.8	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-1039 Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations

The product uses an automated mechanism such as machine learning to recognize complex data inputs (e.g. image or audio) as a particular concept or category, but it does not properly detect or handle inputs that have been modified or constructed in a way that causes the mechanism to detect a different, incorrect concept.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-20071

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-20071

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-20071

EUVD