Lucene search
CiscoCVELIST:CVE-2023-20071HistoryNov 01, 2023 - 5:07 p.m.
CVE-2023-20071
2023-11-0117:07:44
cisco
www.cve.org
cisco
snort
ftp
vulnerability
bypass
policies
remote attacker
exploitation
malicious payload
5.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.8%
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco Firepower Threat Defense Software",
"versions": [
{
"version": "6.2.3",
"status": "affected"
},
{
"version": "6.2.3.1",
"status": "affected"
},
{
"version": "6.2.3.2",
"status": "affected"
},
{
"version": "6.2.3.3",
"status": "affected"
},
{
"version": "6.2.3.4",
"status": "affected"
},
{
"version": "6.2.3.5",
"status": "affected"
},
{
"version": "6.2.3.6",
"status": "affected"
},
{
"version": "6.2.3.7",
"status": "affected"
},
{
"version": "6.2.3.8",
"status": "affected"
},
{
"version": "6.2.3.10",
"status": "affected"
},
{
"version": "6.2.3.11",
"status": "affected"
},
{
"version": "6.2.3.9",
"status": "affected"
},
{
"version": "6.2.3.12",
"status": "affected"
},
{
"version": "6.2.3.13",
"status": "affected"
},
{
"version": "6.2.3.14",
"status": "affected"
},
{
"version": "6.2.3.15",
"status": "affected"
},
{
"version": "6.2.3.16",
"status": "affected"
},
{
"version": "6.2.3.17",
"status": "affected"
},
{
"version": "6.2.3.18",
"status": "affected"
},
{
"version": "6.6.0",
"status": "affected"
},
{
"version": "6.6.0.1",
"status": "affected"
},
{
"version": "6.6.1",
"status": "affected"
},
{
"version": "6.6.3",
"status": "affected"
},
{
"version": "6.6.4",
"status": "affected"
},
{
"version": "6.6.5",
"status": "affected"
},
{
"version": "6.6.5.1",
"status": "affected"
},
{
"version": "6.6.5.2",
"status": "affected"
},
{
"version": "6.6.7",
"status": "affected"
},
{
"version": "6.6.7.1",
"status": "affected"
},
{
"version": "6.4.0",
"status": "affected"
},
{
"version": "6.4.0.1",
"status": "affected"
},
{
"version": "6.4.0.3",
"status": "affected"
},
{
"version": "6.4.0.2",
"status": "affected"
},
{
"version": "6.4.0.4",
"status": "affected"
},
{
"version": "6.4.0.5",
"status": "affected"
},
{
"version": "6.4.0.6",
"status": "affected"
},
{
"version": "6.4.0.7",
"status": "affected"
},
{
"version": "6.4.0.8",
"status": "affected"
},
{
"version": "6.4.0.9",
"status": "affected"
},
{
"version": "6.4.0.10",
"status": "affected"
},
{
"version": "6.4.0.11",
"status": "affected"
},
{
"version": "6.4.0.12",
"status": "affected"
},
{
"version": "6.4.0.13",
"status": "affected"
},
{
"version": "6.4.0.14",
"status": "affected"
},
{
"version": "6.4.0.15",
"status": "affected"
},
{
"version": "6.4.0.16",
"status": "affected"
},
{
"version": "6.7.0",
"status": "affected"
},
{
"version": "6.7.0.1",
"status": "affected"
},
{
"version": "6.7.0.2",
"status": "affected"
},
{
"version": "6.7.0.3",
"status": "affected"
},
{
"version": "7.0.0",
"status": "affected"
},
{
"version": "7.0.0.1",
"status": "affected"
},
{
"version": "7.0.1",
"status": "affected"
},
{
"version": "7.0.1.1",
"status": "affected"
},
{
"version": "7.0.2",
"status": "affected"
},
{
"version": "7.0.2.1",
"status": "affected"
},
{
"version": "7.0.3",
"status": "affected"
},
{
"version": "7.0.4",
"status": "affected"
},
{
"version": "7.0.5",
"status": "affected"
},
{
"version": "7.1.0",
"status": "affected"
},
{
"version": "7.1.0.1",
"status": "affected"
},
{
"version": "7.1.0.2",
"status": "affected"
},
{
"version": "7.1.0.3",
"status": "affected"
},
{
"version": "7.2.0",
"status": "affected"
},
{
"version": "7.2.0.1",
"status": "affected"
},
{
"version": "7.2.1",
"status": "affected"
},
{
"version": "7.2.2",
"status": "affected"
},
{
"version": "7.2.3",
"status": "affected"
},
{
"version": "7.3.0",
"status": "affected"
},
{
"version": "7.3.1",
"status": "affected"
},
{
"version": "7.3.1.1",
"status": "affected"
}
]
},
{
"vendor": "Cisco",
"product": "Cisco Umbrella Insights Virtual Appliance",
"versions": [
{
"version": "N/A",
"status": "affected"
}
]
},
{
"vendor": "Cisco",
"product": "Cisco Cyber Vision",
"versions": [
{
"version": "3.0.4",
"status": "affected"
},
{
"version": "3.0.0",
"status": "affected"
},
{
"version": "3.0.1",
"status": "affected"
},
{
"version": "3.0.2",
"status": "affected"
},
{
"version": "3.0.3",
"status": "affected"
},
{
"version": "3.0.5",
"status": "affected"
},
{
"version": "3.0.6",
"status": "affected"
},
{
"version": "3.1.0",
"status": "affected"
},
{
"version": "3.1.2",
"status": "affected"
},
{
"version": "3.1.1",
"status": "affected"
},
{
"version": "3.2.3",
"status": "affected"
},
{
"version": "3.2.1",
"status": "affected"
},
{
"version": "3.2.4",
"status": "affected"
},
{
"version": "3.2.0",
"status": "affected"
},
{
"version": "3.2.2",
"status": "affected"
},
{
"version": "4.0.0",
"status": "affected"
},
{
"version": "4.0.1",
"status": "affected"
},
{
"version": "4.0.2",
"status": "affected"
},
{
"version": "4.0.3",
"status": "affected"
},
{
"version": "4.1.0",
"status": "affected"
},
{
"version": "4.1.1",
"status": "affected"
},
{
"version": "4.1.2",
"status": "affected"
}
]
},
{
"vendor": "Cisco",
"product": "Cisco UTD SNORT IPS Engine Software",
"versions": [
{
"version": "16.12.1a",
"status": "affected"
},
{
"version": "16.12.2",
"status": "affected"
},
{
"version": "16.12.3",
"status": "affected"
},
{
"version": "16.12.4",
"status": "affected"
},
{
"version": "16.12.5",
"status": "affected"
},
{
"version": "16.12.6",
"status": "affected"
},
{
"version": "16.12.7",
"status": "affected"
},
{
"version": "16.12.8",
"status": "affected"
},
{
"version": "16.6.1",
"status": "affected"
},
{
"version": "16.6.5",
"status": "affected"
},
{
"version": "16.6.6",
"status": "affected"
},
{
"version": "16.6.7a",
"status": "affected"
},
{
"version": "16.6.9",
"status": "affected"
},
{
"version": "16.6.10",
"status": "affected"
},
{
"version": "17.1.1",
"status": "affected"
},
{
"version": "17.2.1r",
"status": "affected"
},
{
"version": "17.3.1a",
"status": "affected"
},
{
"version": "17.3.2",
"status": "affected"
},
{
"version": "17.3.3",
"status": "affected"
},
{
"version": "17.3.4a",
"status": "affected"
},
{
"version": "17.3.6",
"status": "affected"
},
{
"version": "17.3.5",
"status": "affected"
},
{
"version": "17.3.7",
"status": "affected"
},
{
"version": "3.17.0S",
"status": "affected"
},
{
"version": "3.17.1S",
"status": "affected"
},
{
"version": "17.4.1a",
"status": "affected"
},
{
"version": "17.4.2",
"status": "affected"
},
{
"version": "17.4.1b",
"status": "affected"
},
{
"version": "17.5.1a",
"status": "affected"
},
{
"version": "17.6.1a",
"status": "affected"
},
{
"version": "17.6.2",
"status": "affected"
},
{
"version": "17.6.3a",
"status": "affected"
},
{
"version": "17.6.4",
"status": "affected"
},
{
"version": "17.6.5",
"status": "affected"
},
{
"version": "17.7.1a",
"status": "affected"
},
{
"version": "17.7.2",
"status": "affected"
},
{
"version": "17.10.1a",
"status": "affected"
},
{
"version": "17.9.1a",
"status": "affected"
},
{
"version": "17.9.2a",
"status": "affected"
},
{
"version": "17.9.3a",
"status": "affected"
},
{
"version": "17.8.1a",
"status": "affected"
},
{
"version": "Fuji-16.9.2",
"status": "affected"
},
{
"version": "Fuji-16.9.4",
"status": "affected"
},
{
"version": "Fuji-16.9.6",
"status": "affected"
},
{
"version": "Fuji-16.9.3",
"status": "affected"
},
{
"version": "Fuji-16.9.7",
"status": "affected"
},
{
"version": "Fuji-16.9.8",
"status": "affected"
},
{
"version": "Fuji-16.9.5",
"status": "affected"
},
{
"version": "Denali-16.3.3",
"status": "affected"
},
{
"version": "Denali-16.3.9",
"status": "affected"
},
{
"version": "Denali-16.3.7",
"status": "affected"
},
{
"version": "Denali-16.3.5",
"status": "affected"
},
{
"version": "Denali-16.3.4",
"status": "affected"
},
{
"version": "Everest-16.6.3",
"status": "affected"
},
{
"version": "Everest-16.6.4",
"status": "affected"
},
{
"version": "Everest-16.6.2",
"status": "affected"
}
]
}
]Related
nessus
nessus
cve
cve
CVE-2023-20071
2023-11-01 18:15:09
nvd
nvd
CVE-2023-20071
2023-11-01 18:15:09
cisco
cisco
Multiple Cisco Products Snort FTP Inspection Bypass Vulnerability
2023-11-01 16:00:00
prion
prion
Design/Logic Flaw
2023-11-01 18:15:00
5.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.8%
Related for CVELIST:CVE-2023-20071