CVE-2023-20071

{"id": "CVE-2023-20071", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2023-11-01T18:15:09.090", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-1039"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload."}, {"lang": "es", "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detecci\u00f3n Snort que podr\u00eda permitir que un atacante remoto no autenticado omitir las pol\u00edticas configuradas en un sistema afectado. Esta vulnerabilidad se debe a una falla en el m\u00f3dulo FTP del motor de detecci\u00f3n de Snort. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico FTP manipulado a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante omitir la inspecci\u00f3n de FTP y entregar un payload maliciosa."}], "lastModified": "2024-11-21T07:40:29.093", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C62E4A4C-EE6D-49B5-ADCC-21386CD9F2D9", "versionEndExcluding": "6.4.0.17"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2A381B6-2AEF-4A0F-A151-8C3CEBBA7AC2", "versionEndExcluding": "7.0.6", "versionStartIncluding": "6.5.0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB0ABE0D-B90E-45BD-8978-DD6EBC863EC6", "versionEndExcluding": "7.2.4", "versionStartIncluding": "7.1.0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "233409FB-3D8D-41A9-BEC6-8A0E758717ED", "versionEndExcluding": "7.3.1.2", "versionStartIncluding": "7.3.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:snort:snort:2.0:-:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4C27CF59-184F-4FFD-9CE8-87F2589EB5AA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7792398D-F563-4441-900D-ABFECAA884AF", "versionEndExcluding": "7.0.5", "versionStartIncluding": "6.7.0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F64FDF4-9696-4FC8-9ADA-DF1727EF1A63", "versionEndExcluding": "7.1.0.3", "versionStartIncluding": "7.1.0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F712E334-BA34-4D9C-9E72-DBEFCF9B0E66", "versionEndExcluding": "7.2.1", "versionStartIncluding": "7.2.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5D0C2A5-A925-475B-8B2F-F8E3F27C0876", "versionEndExcluding": "3.1.32.0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:cyber_vision:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCA9E447-86A4-46AC-9D6B-55D6F8664488", "versionEndExcluding": "4.1.3"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE0EDFC9-F9CD-487F-AB5C-38E8340BF427", "versionEndExcluding": "17.3.8", "versionStartIncluding": "17.3"}, {"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85C85786-8BA2-4194-9A07-9F8E676E75C9", "versionEndExcluding": "17.6.6", "versionStartIncluding": "17.6"}, {"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B50A5D29-0995-469D-86B8-0C5473FC54FC", "versionEndExcluding": "17.9.4", "versionStartIncluding": "17.9"}, {"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DB2D2F1-FB90-485D-B6B4-B6E0A9351C95", "versionEndExcluding": "17.11.1a", "versionStartIncluding": "17.11"}, {"criteria": "cpe:2.3:a:cisco:unified_threat_defense:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC04A2AB-CAAA-4723-90FD-C35CED76E029", "versionEndExcluding": "17.12.1a", "versionStartIncluding": "17.12"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:meraki_mx_security_appliance_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C60FD7B-F41F-4307-B3F4-905E7B7C17AF"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}