Ubuntu.comUB:CVE-2023-20031CVE-2023-20031
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.0%
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection
Engine integration with Cisco Firepower Threat Defense (FTD) Software could
allow an unauthenticated, remote attacker to cause the Snort 3 detection
engine to restart. This vulnerability is due to a logic error that occurs
when an SSL/TLS certificate that is under load is accessed when it is
initiating an SSL connection. Under specific, time-based constraints, an
attacker could exploit this vulnerability by sending a high rate of SSL/TLS
connection requests to be inspected by the Snort 3 detection engine on an
affected device. A successful exploit could allow the attacker to cause the
Snort 3 detection engine to reload, resulting in either a bypass or a
denial of service (DoS) condition, depending on device configuration. The
Snort detection engine will restart automatically. No manual intervention
is required.
Bugs
Related
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
5.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.0%