Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-20247
HistoryNov 01, 2023 - 6:15 p.m.

CVE-2023-20247

2023-11-0118:15:09
CWE-288
[email protected]
web.nvd.nist.gov
cisco
asa
ftd
ssl vpn
authentication
bypass
vulnerability
remote access
exploit
privileges

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.5%

JSON

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.

Affected configurations

NVD
Node
ciscoadaptive_security_appliance_softwareMatch9.8.1
OR
ciscoadaptive_security_appliance_softwareMatch9.8.1.5
OR
ciscoadaptive_security_appliance_softwareMatch9.8.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.14
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.15
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.17
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.20
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.24
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.26
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.28
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.33
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.35
OR
ciscoadaptive_security_appliance_softwareMatch9.8.2.38
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.8
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.11
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.14
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.16
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.18
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.21
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.26
OR
ciscoadaptive_security_appliance_softwareMatch9.8.3.29
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.8
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.10
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.12
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.15
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.17
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.20
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.22
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.25
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.26
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.29
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.32
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.33
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.34
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.35
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.39
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.40
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.41
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.43
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.44
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.45
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.46
OR
ciscoadaptive_security_appliance_softwareMatch9.8.4.48
OR
ciscoadaptive_security_appliance_softwareMatch9.12.1
OR
ciscoadaptive_security_appliance_softwareMatch9.12.1.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.1
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.4
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.5
OR
ciscoadaptive_security_appliance_softwareMatch9.12.2.9
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.7
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.9
OR
ciscoadaptive_security_appliance_softwareMatch9.12.3.12
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.2
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.4
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.7
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.8
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.10
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.13
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.18
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.24
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.26
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.29
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.30
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.35
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.37
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.38
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.39
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.40
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.41
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.47
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.48
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.50
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.52
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.54
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.55
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.56
OR
ciscoadaptive_security_appliance_softwareMatch9.12.4.58
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.6
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.19
OR
ciscoadaptive_security_appliance_softwareMatch9.14.1.30
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.4
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.13
OR
ciscoadaptive_security_appliance_softwareMatch9.14.2.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.1
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.9
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.11
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.13
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.3.18
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.6
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.7
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.12
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.13
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.14
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.15
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.17
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.22
OR
ciscoadaptive_security_appliance_softwareMatch9.14.4.23
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.1
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.16
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.17
OR
ciscoadaptive_security_appliance_softwareMatch9.15.1.21
OR
ciscoadaptive_security_appliance_softwareMatch9.16.1
OR
ciscoadaptive_security_appliance_softwareMatch9.16.1.28
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.11
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.13
OR
ciscoadaptive_security_appliance_softwareMatch9.16.2.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.3
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.15
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.19
OR
ciscoadaptive_security_appliance_softwareMatch9.16.3.23
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4.9
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4.14
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4.18
OR
ciscoadaptive_security_appliance_softwareMatch9.16.4.19
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.7
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.9
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.10
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.11
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.13
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.15
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.20
OR
ciscoadaptive_security_appliance_softwareMatch9.17.1.30
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1
OR
ciscoadaptive_security_appliance_softwareMatch9.18.1.3
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.5
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.7
OR
ciscoadaptive_security_appliance_softwareMatch9.18.2.8
OR
ciscoadaptive_security_appliance_softwareMatch9.18.3
OR
ciscoadaptive_security_appliance_softwareMatch9.18.3.39
OR
ciscoadaptive_security_appliance_softwareMatch9.18.3.46
OR
ciscoadaptive_security_appliance_softwareMatch9.19.1
OR
ciscoadaptive_security_appliance_softwareMatch9.19.1.5
OR
ciscoadaptive_security_appliance_softwareMatch9.19.1.9
OR
ciscoadaptive_security_appliance_softwareMatch9.19.1.12
Node
ciscofirepower_threat_defenseMatch6.2.3
OR
ciscofirepower_threat_defenseMatch6.2.3.1
OR
ciscofirepower_threat_defenseMatch6.2.3.2
OR
ciscofirepower_threat_defenseMatch6.2.3.3
OR
ciscofirepower_threat_defenseMatch6.2.3.4
OR
ciscofirepower_threat_defenseMatch6.2.3.5
OR
ciscofirepower_threat_defenseMatch6.2.3.6
OR
ciscofirepower_threat_defenseMatch6.2.3.7
OR
ciscofirepower_threat_defenseMatch6.2.3.8
OR
ciscofirepower_threat_defenseMatch6.2.3.9
OR
ciscofirepower_threat_defenseMatch6.2.3.10
OR
ciscofirepower_threat_defenseMatch6.2.3.11
OR
ciscofirepower_threat_defenseMatch6.2.3.12
OR
ciscofirepower_threat_defenseMatch6.2.3.13
OR
ciscofirepower_threat_defenseMatch6.2.3.14
OR
ciscofirepower_threat_defenseMatch6.2.3.15
OR
ciscofirepower_threat_defenseMatch6.2.3.16
OR
ciscofirepower_threat_defenseMatch6.2.3.17
OR
ciscofirepower_threat_defenseMatch6.2.3.18
OR
ciscofirepower_threat_defenseMatch6.4.0.5
OR
ciscofirepower_threat_defenseMatch6.4.0.6
OR
ciscofirepower_threat_defenseMatch6.4.0.7
OR
ciscofirepower_threat_defenseMatch6.4.0.8
OR
ciscofirepower_threat_defenseMatch6.4.0.9
OR
ciscofirepower_threat_defenseMatch6.4.0.10
OR
ciscofirepower_threat_defenseMatch6.4.0.11
OR
ciscofirepower_threat_defenseMatch6.4.0.12
OR
ciscofirepower_threat_defenseMatch6.4.0.13
OR
ciscofirepower_threat_defenseMatch6.4.0.14
OR
ciscofirepower_threat_defenseMatch6.4.0.15
OR
ciscofirepower_threat_defenseMatch6.4.0.16
OR
ciscofirepower_threat_defenseMatch6.6.0
OR
ciscofirepower_threat_defenseMatch6.6.0.1
OR
ciscofirepower_threat_defenseMatch6.6.1
OR
ciscofirepower_threat_defenseMatch6.6.3
OR
ciscofirepower_threat_defenseMatch6.6.4
OR
ciscofirepower_threat_defenseMatch6.6.5
OR
ciscofirepower_threat_defenseMatch6.6.5.1
OR
ciscofirepower_threat_defenseMatch6.6.5.2
OR
ciscofirepower_threat_defenseMatch6.6.7
OR
ciscofirepower_threat_defenseMatch6.6.7.1
OR
ciscofirepower_threat_defenseMatch6.7.0
OR
ciscofirepower_threat_defenseMatch6.7.0.1
OR
ciscofirepower_threat_defenseMatch6.7.0.2
OR
ciscofirepower_threat_defenseMatch6.7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.0
OR
ciscofirepower_threat_defenseMatch7.0.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1
OR
ciscofirepower_threat_defenseMatch7.0.1.1
OR
ciscofirepower_threat_defenseMatch7.0.2
OR
ciscofirepower_threat_defenseMatch7.0.2.1
OR
ciscofirepower_threat_defenseMatch7.0.3
OR
ciscofirepower_threat_defenseMatch7.0.4
OR
ciscofirepower_threat_defenseMatch7.0.5
OR
ciscofirepower_threat_defenseMatch7.1.0
OR
ciscofirepower_threat_defenseMatch7.1.0.1
OR
ciscofirepower_threat_defenseMatch7.1.0.2
OR
ciscofirepower_threat_defenseMatch7.1.0.3
OR
ciscofirepower_threat_defenseMatch7.2.0
OR
ciscofirepower_threat_defenseMatch7.2.0.1
OR
ciscofirepower_threat_defenseMatch7.2.1
OR
ciscofirepower_threat_defenseMatch7.2.2
OR
ciscofirepower_threat_defenseMatch7.2.3
OR
ciscofirepower_threat_defenseMatch7.2.4
OR
ciscofirepower_threat_defenseMatch7.3.0
OR
ciscofirepower_threat_defenseMatch7.3.1
OR
ciscofirepower_threat_defenseMatch7.3.1.1

Related

cvelist 1
cisco 1
cve 1
nessus 2
prion 1
cvelist
cvelist
CVE-2023-20247
2023-11-01 17:14:57
cisco
cisco
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access SSL VPN Multiple Certificate Authentication Bypass Vulnerability
2023-11-01 16:00:00
cve
cve
CVE-2023-20247
2023-11-01 18:15:09
nessus
nessus
Cisco Firepower Threat Defense Software VPN Authentication Bypass (cisco-sa-asaftd-multi-cert-dzA3h5PT)
2024-02-05 00:00:00
Cisco Adaptive Security Appliance Software VPN Authentication Bypass (cisco-sa-asaftd-multi-cert-dzA3h5PT)
2024-02-05 00:00:00
prion
prion
Default credentials
2023-11-01 18:15:00

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.5%

JSON
Related for NVD:CVE-2023-20247
cvelist1cisco1cve1nessus2prion1