Cisco Firepower Threat Defense vulnerabilities

CVE-2023-20177 [MEDIUM] CWE-244 CVE-2023-20177: A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Softwa A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists beca

CVE-2023-20270 [MEDIUM] CWE-20 CVE-2023-20270: A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is du

CVE-2023-20246 [MEDIUM] CWE-290 CVE-2023-20246: Multiple Cisco products are affected by a vulnerability in Snort access control policies that could Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability

CVE-2023-20070 [MEDIUM] CWE-244 CVE-2023-20070: A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software c A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constra

CVE-2023-20247 [MEDIUM] CWE-288 CVE-2023-20247: A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Soft A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to i

CVE-2023-20245 [MEDIUM] CWE-290 CVE-2023-20245: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-20264 [MEDIUM] CWE-601 CVE-2023-20264: A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-o A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a re

CVE-2023-20256 [MEDIUM] CWE-290 CVE-2023-20256: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2023-20269 [CRITICAL] CWE-288 CVE-2023-20269: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a

CVE-2023-20006 [HIGH] CWE-681 CVE-2023-20006: A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (Do

CVE-2023-20107 [HIGH] CWE-332 CVE-2023-20107: A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic co

CVE-2023-20081 [MEDIUM] CWE-122 CVE-2023-20081: A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) S A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insu

CVE-2022-20946 [HIGH] CWE-122 CVE-2022-20946: A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Fir A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory handling error that occurs when GRE traffic is processed. An a

CVE-2022-20854 [HIGH] CWE-400 CVE-2022-20854: A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be establi

CVE-2022-20947 [HIGH] CWE-119 CVE-2022-20947: A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance A vulnerability in dynamic access policies (DAP) functionality of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of HostSc

CVE-2022-20924 [MEDIUM] CWE-703 CVE-2022-20924: A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An

CVE-2022-20940 [MEDIUM] CWE-203 CVE-2022-20940: A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an u A vulnerability in the TLS handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper implementation of countermeasures against a Bleichenbacher attack on a device that uses SSL decryption policies. An attacker could exploit t

CVE-2022-20949 [MEDIUM] CWE-399 CVE-2022-20949: A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could A vulnerability in the management web server of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with high privileges to execute configuration commands on an affected system. This vulnerability exists because access to HTTPS endpoints is not properly restricted on an affected device. An attacker could exploi

CVE-2022-20928 [MEDIUM] CWE-863 CVE-2022-20928: A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive A vulnerability in the authentication and authorization flows for VPN connections in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish a connection as a different user. This vulnerability is due to a flaw in the authorization verifications during t