CVE-2023-20031

🗓️ 01 Nov 2023 17:03:19Reported by ciscoType

A vulnerability in SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software allows remote attackers to restart the engine. Logic error occurs when accessing a high-load SSL/TLS certificate during SSL connection initiation

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-20031	1 Nov 202321:22	–	circl
Cisco	Cisco Firepower Threat Defense Software SSL and Snort 3 Detection Engine Bypass and Denial of Service Vulnerability	1 Nov 202316:00	–	cisco
CNNVD	Cisco Firepower Threat Defense Security Vulnerability	1 Nov 202300:00	–	cnnvd
Cvelist	CVE-2023-20031	1 Nov 202317:03	–	cvelist
Debian CVE	CVE-2023-20031	1 Nov 202317:03	–	debiancve
EUVD	EUVD-2023-24210	3 Oct 202520:07	–	euvd
NVD	CVE-2023-20031	1 Nov 202318:15	–	nvd
Prion	Design/Logic Flaw	1 Nov 202318:15	–	prion
Positive Technologies	PT-2023-7230 · Cisco · Cisco Ftd +1	27 Oct 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-20031	23 May 202503:02	–	redhatcve

NVD

Vulners

Node

cisco firepower_threat_defenseMatch6.7.0

cisco firepower_threat_defenseMatch6.7.0.1

cisco firepower_threat_defenseMatch6.7.0.2

cisco firepower_threat_defenseMatch6.7.0.3

cisco firepower_threat_defenseMatch7.0.0

cisco firepower_threat_defenseMatch7.0.0.1

cisco firepower_threat_defenseMatch7.0.1

cisco firepower_threat_defenseMatch7.0.1.1

cisco firepower_threat_defenseMatch7.0.2

cisco firepower_threat_defenseMatch7.0.2.1

cisco firepower_threat_defenseMatch7.0.3

cisco firepower_threat_defenseMatch7.0.4

cisco firepower_threat_defenseMatch7.0.5

cisco firepower_threat_defenseMatch7.2.0

cisco firepower_threat_defenseMatch7.2.0.1

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "6.7.0",
        "status": "affected"
      },
      {
        "version": "6.7.0.1",
        "status": "affected"
      },
      {
        "version": "6.7.0.2",
        "status": "affected"
      },
      {
        "version": "6.7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.0",
        "status": "affected"
      },
      {
        "version": "7.0.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1.1",
        "status": "affected"
      },
      {
        "version": "7.0.2",
        "status": "affected"
      },
      {
        "version": "7.0.2.1",
        "status": "affected"
      },
      {
        "version": "7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.4",
        "status": "affected"
      },
      {
        "version": "7.0.5",
        "status": "affected"
      },
      {
        "version": "7.2.0",
        "status": "affected"
      },
      {
        "version": "7.2.0.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8

21 Nov 2024 07:40Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.14 - 5.4

EPSS0.00017

CWE-244