Lucene search

K
cve[email protected]CVE-2023-20244
HistoryNov 01, 2023 - 5:15 p.m.

CVE-2023-20244

2023-11-0117:15:11
CWE-771
web.nvd.nist.gov
35
cisco
firepower
vulnerability
dos
remote attack
ftd software

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.9%

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state.

Affected configurations

NVD
Node
ciscofirepower_threat_defenseMatch6.2.3
OR
ciscofirepower_threat_defenseMatch6.2.3.1
OR
ciscofirepower_threat_defenseMatch6.2.3.2
OR
ciscofirepower_threat_defenseMatch6.2.3.3
OR
ciscofirepower_threat_defenseMatch6.2.3.4
OR
ciscofirepower_threat_defenseMatch6.2.3.5
OR
ciscofirepower_threat_defenseMatch6.2.3.6
OR
ciscofirepower_threat_defenseMatch6.2.3.7
OR
ciscofirepower_threat_defenseMatch6.2.3.8
OR
ciscofirepower_threat_defenseMatch6.2.3.9
OR
ciscofirepower_threat_defenseMatch6.2.3.10
OR
ciscofirepower_threat_defenseMatch6.2.3.11
OR
ciscofirepower_threat_defenseMatch6.2.3.12
OR
ciscofirepower_threat_defenseMatch6.2.3.13
OR
ciscofirepower_threat_defenseMatch6.2.3.14
OR
ciscofirepower_threat_defenseMatch6.2.3.15
OR
ciscofirepower_threat_defenseMatch6.2.3.16
OR
ciscofirepower_threat_defenseMatch6.2.3.17
OR
ciscofirepower_threat_defenseMatch6.2.3.18
OR
ciscofirepower_threat_defenseMatch6.4.0
OR
ciscofirepower_threat_defenseMatch6.4.0.1
OR
ciscofirepower_threat_defenseMatch6.4.0.2
OR
ciscofirepower_threat_defenseMatch6.4.0.3
OR
ciscofirepower_threat_defenseMatch6.4.0.4
OR
ciscofirepower_threat_defenseMatch6.4.0.5
OR
ciscofirepower_threat_defenseMatch6.4.0.6
OR
ciscofirepower_threat_defenseMatch6.4.0.7
OR
ciscofirepower_threat_defenseMatch6.4.0.8
OR
ciscofirepower_threat_defenseMatch6.4.0.9
OR
ciscofirepower_threat_defenseMatch6.4.0.10
OR
ciscofirepower_threat_defenseMatch6.4.0.11
OR
ciscofirepower_threat_defenseMatch6.4.0.12
OR
ciscofirepower_threat_defenseMatch6.4.0.13
OR
ciscofirepower_threat_defenseMatch6.4.0.14
OR
ciscofirepower_threat_defenseMatch6.4.0.15
OR
ciscofirepower_threat_defenseMatch6.4.0.16
OR
ciscofirepower_threat_defenseMatch6.6.0
OR
ciscofirepower_threat_defenseMatch6.6.0.1
OR
ciscofirepower_threat_defenseMatch6.6.1
OR
ciscofirepower_threat_defenseMatch6.6.3
OR
ciscofirepower_threat_defenseMatch6.6.4
OR
ciscofirepower_threat_defenseMatch6.6.5
OR
ciscofirepower_threat_defenseMatch6.6.5.1
OR
ciscofirepower_threat_defenseMatch6.6.5.2
OR
ciscofirepower_threat_defenseMatch6.6.7
OR
ciscofirepower_threat_defenseMatch6.6.7.1
OR
ciscofirepower_threat_defenseMatch6.7.0
OR
ciscofirepower_threat_defenseMatch6.7.0.1
OR
ciscofirepower_threat_defenseMatch6.7.0.2
OR
ciscofirepower_threat_defenseMatch6.7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.0
OR
ciscofirepower_threat_defenseMatch7.0.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1.1
OR
ciscofirepower_threat_defenseMatch7.0.2
OR
ciscofirepower_threat_defenseMatch7.0.2.1
OR
ciscofirepower_threat_defenseMatch7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.4
OR
ciscofirepower_threat_defenseMatch7.0.5
OR
ciscofirepower_threat_defenseMatch7.1.0
OR
ciscofirepower_threat_defenseMatch7.1.0.1
OR
ciscofirepower_threat_defenseMatch7.1.0.3
OR
ciscofirepower_threat_defenseMatch7.2.0
OR
ciscofirepower_threat_defenseMatch7.2.0.1
OR
ciscofirepower_threat_defenseMatch7.2.1
OR
ciscofirepower_threat_defenseMatch7.2.2
OR
ciscofirepower_threat_defenseMatch7.2.3
OR
ciscofirepower_threat_defenseMatch7.3.0
OR
ciscofirepower_threat_defenseMatch7.3.1
OR
ciscofirepower_threat_defenseMatch7.3.1.1
AND
ciscofirepower_2110Match-
OR
ciscofirepower_2120Match-
OR
ciscofirepower_2130Match-
OR
ciscofirepower_2140Match-

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "6.2.3",
        "status": "affected"
      },
      {
        "version": "6.2.3.1",
        "status": "affected"
      },
      {
        "version": "6.2.3.2",
        "status": "affected"
      },
      {
        "version": "6.2.3.3",
        "status": "affected"
      },
      {
        "version": "6.2.3.4",
        "status": "affected"
      },
      {
        "version": "6.2.3.5",
        "status": "affected"
      },
      {
        "version": "6.2.3.6",
        "status": "affected"
      },
      {
        "version": "6.2.3.7",
        "status": "affected"
      },
      {
        "version": "6.2.3.8",
        "status": "affected"
      },
      {
        "version": "6.2.3.10",
        "status": "affected"
      },
      {
        "version": "6.2.3.11",
        "status": "affected"
      },
      {
        "version": "6.2.3.9",
        "status": "affected"
      },
      {
        "version": "6.2.3.12",
        "status": "affected"
      },
      {
        "version": "6.2.3.13",
        "status": "affected"
      },
      {
        "version": "6.2.3.14",
        "status": "affected"
      },
      {
        "version": "6.2.3.15",
        "status": "affected"
      },
      {
        "version": "6.2.3.16",
        "status": "affected"
      },
      {
        "version": "6.2.3.17",
        "status": "affected"
      },
      {
        "version": "6.2.3.18",
        "status": "affected"
      },
      {
        "version": "6.6.0",
        "status": "affected"
      },
      {
        "version": "6.6.0.1",
        "status": "affected"
      },
      {
        "version": "6.6.1",
        "status": "affected"
      },
      {
        "version": "6.6.3",
        "status": "affected"
      },
      {
        "version": "6.6.4",
        "status": "affected"
      },
      {
        "version": "6.6.5",
        "status": "affected"
      },
      {
        "version": "6.6.5.1",
        "status": "affected"
      },
      {
        "version": "6.6.5.2",
        "status": "affected"
      },
      {
        "version": "6.6.7",
        "status": "affected"
      },
      {
        "version": "6.6.7.1",
        "status": "affected"
      },
      {
        "version": "6.4.0",
        "status": "affected"
      },
      {
        "version": "6.4.0.1",
        "status": "affected"
      },
      {
        "version": "6.4.0.3",
        "status": "affected"
      },
      {
        "version": "6.4.0.2",
        "status": "affected"
      },
      {
        "version": "6.4.0.4",
        "status": "affected"
      },
      {
        "version": "6.4.0.5",
        "status": "affected"
      },
      {
        "version": "6.4.0.6",
        "status": "affected"
      },
      {
        "version": "6.4.0.7",
        "status": "affected"
      },
      {
        "version": "6.4.0.8",
        "status": "affected"
      },
      {
        "version": "6.4.0.9",
        "status": "affected"
      },
      {
        "version": "6.4.0.10",
        "status": "affected"
      },
      {
        "version": "6.4.0.11",
        "status": "affected"
      },
      {
        "version": "6.4.0.12",
        "status": "affected"
      },
      {
        "version": "6.4.0.13",
        "status": "affected"
      },
      {
        "version": "6.4.0.14",
        "status": "affected"
      },
      {
        "version": "6.4.0.15",
        "status": "affected"
      },
      {
        "version": "6.4.0.16",
        "status": "affected"
      },
      {
        "version": "6.7.0",
        "status": "affected"
      },
      {
        "version": "6.7.0.1",
        "status": "affected"
      },
      {
        "version": "6.7.0.2",
        "status": "affected"
      },
      {
        "version": "6.7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.0",
        "status": "affected"
      },
      {
        "version": "7.0.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1",
        "status": "affected"
      },
      {
        "version": "7.0.1.1",
        "status": "affected"
      },
      {
        "version": "7.0.2",
        "status": "affected"
      },
      {
        "version": "7.0.2.1",
        "status": "affected"
      },
      {
        "version": "7.0.3",
        "status": "affected"
      },
      {
        "version": "7.0.4",
        "status": "affected"
      },
      {
        "version": "7.0.5",
        "status": "affected"
      },
      {
        "version": "7.1.0",
        "status": "affected"
      },
      {
        "version": "7.1.0.1",
        "status": "affected"
      },
      {
        "version": "7.1.0.3",
        "status": "affected"
      },
      {
        "version": "7.2.0",
        "status": "affected"
      },
      {
        "version": "7.2.0.1",
        "status": "affected"
      },
      {
        "version": "7.2.1",
        "status": "affected"
      },
      {
        "version": "7.2.2",
        "status": "affected"
      },
      {
        "version": "7.2.3",
        "status": "affected"
      },
      {
        "version": "7.3.0",
        "status": "affected"
      },
      {
        "version": "7.3.1",
        "status": "affected"
      },
      {
        "version": "7.3.1.1",
        "status": "affected"
      }
    ]
  }
]

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.9%

Related for CVE-2023-20244