Cisco Firepower Threat Defense Software vulnerabilities

CVE-2023-20275 [MEDIUM] CWE-346 CVE-2023-20275: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after

CVE-2023-20095 [HIGH] CWE-772 CVE-2023-20095: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could ex

CVE-2023-20244 [HIGH] CWE-771 CVE-2023-20244: A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software f A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the insp

CVE-2023-20042 [HIGH] CWE-404 CVE-2023-20042: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handl

CVE-2023-20083 [HIGH] CWE-835 CVE-2023-20083: A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Fir A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD managemen

CVE-2023-20063 [HIGH] CWE-94 CVE-2023-20063: A vulnerability in the inter-device communication mechanisms between devices that are running Cisco A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affect

CVE-2023-20086 [HIGH] CWE-248 CVE-2023-20086: A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco F A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sen

CVE-2023-20267 [MEDIUM] CWE-284 CVE-2023-20267: A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attack A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restric

CVE-2023-20270 [MEDIUM] CWE-20 CVE-2023-20270: A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is du

CVE-2023-20177 [MEDIUM] CWE-244 CVE-2023-20177: A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Softwa A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists beca

CVE-2023-20071 [MEDIUM] CWE-1039 CVE-2023-20071: Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could all Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP t

CVE-2023-20264 [MEDIUM] CWE-601 CVE-2023-20264: A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-o A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a re

CVE-2023-20247 [MEDIUM] CWE-288 CVE-2023-20247: A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Soft A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to i

CVE-2023-20031 [MEDIUM] CWE-244 CVE-2023-20031: A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cis A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is acces

CVE-2023-20246 [MEDIUM] CWE-290 CVE-2023-20246: Multiple Cisco products are affected by a vulnerability in Snort access control policies that could Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability

CVE-2023-20245 [MEDIUM] CWE-290 CVE-2023-20245: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-20070 [MEDIUM] CWE-244 CVE-2023-20070: A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software c A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constra

CVE-2023-20256 [MEDIUM] CWE-290 CVE-2023-20256: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-20269 [CRITICAL] CWE-288 CVE-2023-20269: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a

CVE-2023-20234 [MEDIUM] CWE-73 CVE-2023-20234: A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to cr A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability b