CVE-2023-20031
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required.
Una vulnerabilidad en el manejo de certificados SSL/TLS de la integración del motor de detección Snort 3 con el software Cisco Firepower Threat Defense (FTD) podría permitir que un atacante remoto no autenticado provoque que el motor de detección Snort 3 se reinicie. Esta vulnerabilidad se debe a un error lógico que ocurre cuando se accede a un certificado SSL/TLS que está bajo carga cuando se inicia una conexión SSL. Bajo limitaciones específicas basadas en el tiempo, un atacante podría aprovechar esta vulnerabilidad enviando una alta tasa de solicitudes de conexión SSL/TLS para ser inspeccionadas por el motor de detección Snort 3 en un dispositivo afectado. Un exploit exitoso podría permitir al atacante hacer que el motor de detección de Snort 3 se recargue, lo que resultaría en una condición de omisión o Denegación de Servicio (DoS), dependiendo de la configuración del dispositivo. El motor de detección de Snort se reiniciará automáticamente. No se requiere intervención manual.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-10-27 CVE Reserved
- 2023-11-01 CVE Published
- 2023-11-15 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.7.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.7.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.7.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.7.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.7.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 6.7.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version "6.7.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.1.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.1.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.2 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.2.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.2.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.4 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.4" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.5 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.2.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.2.0.1 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.2.0.1" | - |
Affected
| ||||||