CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-20246
https://notcve.org/view.php?id=CVE-2023-20246
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system. Varios productos de Cisco se ven afectados por una vulnerabilidad en las políticas de control de acceso de Snort que podría permitir que un atacante remoto no autenticado eluda las políticas configuradas en un sistema afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.6EPSS: 0%CPEs: 51EXPL: 0CVE-2023-20042
https://notcve.org/view.php?id=CVE-2023-20042
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition. Una vulnerabilidad en la función AnyConnect SSL VPN del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado cause una condición de Denegación de Servicio (DoS) en un dispositivo afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-20071
https://notcve.org/view.php?id=CVE-2023-20071
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload. Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de detección Snort que podría permitir que un atacante remoto no autenticado omitir las políticas configuradas en un sistema afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM • CWE-1039: Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations •
CVSS: 5.8EPSS: 0%CPEs: 210EXPL: 0CVE-2023-20245
https://notcve.org/view.php?id=CVE-2023-20245
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected. Múltiples vulnerabilidades en la función de anulación por usuario del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podrían permitir que un atacante remoto no autenticado omita una Lista de Control de Acceso (ACL) configurada y permita el tráfico que debería se le negará el flujo a través de un dispositivo afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.8EPSS: 0%CPEs: 152EXPL: 0CVE-2023-20256
https://notcve.org/view.php?id=CVE-2023-20256
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that would should be protected. Múltiples vulnerabilidades en la función de anulación por usuario del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podrían permitir que un atacante remoto no autenticado omita una Lista de Control de Acceso (ACL) configurada y permita el tráfico que debería se le negará el flujo a través de un dispositivo afectado. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb • CWE-290: Authentication Bypass by Spoofing •