CVE-2023-20244

CWE-7714 documents4 sources
Severity
8.6HIGH
EPSS
0.2%
top 62.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Cisco Firepower Threat Defense SoftwareCisco Firepower Threat Defense
Timeline
PublishedNov 1

Description

A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit coul

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

NVDcisco/firepower_threat_defense70 versions+69

🔴Vulnerability Details

2
CVEList
CVE-2023-20244: A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could all2023-11-01
GHSA
GHSA-6488-32xg-xmmj: A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could all2023-11-01

📋Vendor Advisories

1
Cisco
Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls Inspection Rules Denial of Service Vulnerability2023-11-01
CVE-2023-20244 (HIGH CVSS 8.6) | A vulnerability in the internal pac | cvebase.io