Lucene search

K
cve[email protected]CVE-2023-20031
HistoryNov 01, 2023 - 6:15 p.m.

CVE-2023-20031

2023-11-0118:15:08
CWE-244
web.nvd.nist.gov
37
ssl/tls
certificate handling
snort 3 detection engine
cisco firepower threat defense
ftd software
remote attacker
denial of service
logic error
cve-2023-20031

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%

A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required.

Affected configurations

NVD
Node
ciscofirepower_threat_defenseMatch6.7.0
OR
ciscofirepower_threat_defenseMatch6.7.0.1
OR
ciscofirepower_threat_defenseMatch6.7.0.2
OR
ciscofirepower_threat_defenseMatch6.7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.0
OR
ciscofirepower_threat_defenseMatch7.0.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1.1
OR
ciscofirepower_threat_defenseMatch7.0.2
OR
ciscofirepower_threat_defenseMatch7.0.2.1
OR
ciscofirepower_threat_defenseMatch7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.4
OR
ciscofirepower_threat_defenseMatch7.0.5
OR
ciscofirepower_threat_defenseMatch7.2.0
OR
ciscofirepower_threat_defenseMatch7.2.0.1

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "6.7.0",
        "status": "affected"
      },
      {
        "version": "6.7.0.1",
        "status": "affected"
      },
      {
        "version": "6.7.0.2",
        "status": "affected"
      },
      {
        "version": "6.7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.0",
        "status": "affected"
      },
      {
        "version": "7.0.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1.1",
        "status": "affected"
      },
      {
        "version": "7.0.2",
        "status": "affected"
      },
      {
        "version": "7.0.2.1",
        "status": "affected"
      },
      {
        "version": "7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.4",
        "status": "affected"
      },
      {
        "version": "7.0.5",
        "status": "affected"
      },
      {
        "version": "7.2.0",
        "status": "affected"
      },
      {
        "version": "7.2.0.1",
        "status": "affected"
      }
    ]
  }
]

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.8%