CVE-2023-20267

Severity
5.3 MEDIUM
EPSS
0.0%
top 98.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Nov 1

Description

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
Exploitability: 2.2 | Impact: 1.4

Affected Packages: 2 packages

🔴 Vulnerability Details

3
CVEList
CVE-2023-20267: A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions (2023-11-01)
GHSA
GHSA-8c85-2mj6-75qp: A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions (2023-11-01)
GHSA
xwiki-platform-web-templates vulnerable to Eval Injection (2023-04-20)

📋 Vendor Advisories

1
Cisco
Cisco Firepower Threat Defense Software Snort 3 Geolocation IP Filter Bypass Vulnerability (2023-11-01)