Lucene search

K
cve[email protected]CVE-2023-20042
HistoryNov 01, 2023 - 6:15 p.m.

CVE-2023-20042

2023-11-0118:15:08
CWE-404
web.nvd.nist.gov
54
vulnerability
anyconnect
ssl vpn
cisco
asa
ftd
denial of service
dos
nvd
cve-2023-20042

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.9%

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition.

Affected configurations

NVD
Node
ciscofirepower_threat_defenseMatch7.0.0
OR
ciscofirepower_threat_defenseMatch7.0.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1.1
OR
ciscofirepower_threat_defenseMatch7.0.2
OR
ciscofirepower_threat_defenseMatch7.0.2.1
OR
ciscofirepower_threat_defenseMatch7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.4
OR
ciscofirepower_threat_defenseMatch7.0.5
OR
ciscofirepower_threat_defenseMatch7.1.0
OR
ciscofirepower_threat_defenseMatch7.1.0.1
OR
ciscofirepower_threat_defenseMatch7.1.0.2
OR
ciscofirepower_threat_defenseMatch7.1.0.3
OR
ciscofirepower_threat_defenseMatch7.2.0
OR
ciscofirepower_threat_defenseMatch7.2.0.1
OR
ciscofirepower_threat_defenseMatch7.2.1
OR
ciscofirepower_threat_defenseMatch7.2.2
OR
ciscofirepower_threat_defenseMatch7.2.3
OR
ciscofirepower_threat_defenseMatch7.3.0
OR
ciscofirepower_threat_defenseMatch7.3.1
OR
ciscofirepower_threat_defenseMatch7.3.1.1
Node
ciscoadaptive_security_appliance_softwareMatch9.16.1
OR
ciscoadaptive_security_appliance_softwareMatch9.16.1.28
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.11
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.13
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.15
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.19
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.23
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4.9
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.9
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.11
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.13
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.20
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.5
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.19.1

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Adaptive Security Appliance (ASA) Software",
    "versions": [
      {
        "version": "9.16.1",
        "status": "affected"
      },
      {
        "version": "9.16.1.28",
        "status": "affected"
      },
      {
        "version": "9.16.2",
        "status": "affected"
      },
      {
        "version": "9.16.2.3",
        "status": "affected"
      },
      {
        "version": "9.16.2.7",
        "status": "affected"
      },
      {
        "version": "9.16.2.11",
        "status": "affected"
      },
      {
        "version": "9.16.2.13",
        "status": "affected"
      },
      {
        "version": "9.16.2.14",
        "status": "affected"
      },
      {
        "version": "9.16.3",
        "status": "affected"
      },
      {
        "version": "9.16.3.3",
        "status": "affected"
      },
      {
        "version": "9.16.3.14",
        "status": "affected"
      },
      {
        "version": "9.16.3.15",
        "status": "affected"
      },
      {
        "version": "9.16.3.19",
        "status": "affected"
      },
      {
        "version": "9.16.3.23",
        "status": "affected"
      },
      {
        "version": "9.16.4",
        "status": "affected"
      },
      {
        "version": "9.16.4.9",
        "status": "affected"
      },
      {
        "version": "9.17.1",
        "status": "affected"
      },
      {
        "version": "9.17.1.7",
        "status": "affected"
      },
      {
        "version": "9.17.1.9",
        "status": "affected"
      },
      {
        "version": "9.17.1.10",
        "status": "affected"
      },
      {
        "version": "9.17.1.11",
        "status": "affected"
      },
      {
        "version": "9.17.1.13",
        "status": "affected"
      },
      {
        "version": "9.17.1.15",
        "status": "affected"
      },
      {
        "version": "9.17.1.20",
        "status": "affected"
      },
      {
        "version": "9.18.1",
        "status": "affected"
      },
      {
        "version": "9.18.1.3",
        "status": "affected"
      },
      {
        "version": "9.18.2",
        "status": "affected"
      },
      {
        "version": "9.18.2.5",
        "status": "affected"
      },
      {
        "version": "9.18.2.7",
        "status": "affected"
      },
      {
        "version": "9.19.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "7.0.0",
        "status": "affected"
      },
      {
        "version": "7.0.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1.1",
        "status": "affected"
      },
      {
        "version": "7.0.2",
        "status": "affected"
      },
      {
        "version": "7.0.2.1",
        "status": "affected"
      },
      {
        "version": "7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.4",
        "status": "affected"
      },
      {
        "version": "7.0.5",
        "status": "affected"
      },
      {
        "version": "7.1.0",
        "status": "affected"
      },
      {
        "version": "7.1.0.1",
        "status": "affected"
      },
      {
        "version": "7.1.0.2",
        "status": "affected"
      },
      {
        "version": "7.1.0.3",
        "status": "affected"
      },
      {
        "version": "7.2.0",
        "status": "affected"
      },
      {
        "version": "7.2.0.1",
        "status": "affected"
      },
      {
        "version": "7.2.1",
        "status": "affected"
      },
      {
        "version": "7.2.2",
        "status": "affected"
      },
      {
        "version": "7.2.3",
        "status": "affected"
      },
      {
        "version": "7.3.0",
        "status": "affected"
      },
      {
        "version": "7.3.1",
        "status": "affected"
      },
      {
        "version": "7.3.1.1",
        "status": "affected"
      }
    ]
  }
]

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.9%

Related for CVE-2023-20042