March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Microsoft Edge (Chromium-based) Vulnerabilities
November 3, 2023Rewterz Threat Advisory – Multiple Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerabilities
November 3, 2023Rewterz Threat Advisory – Multiple Microsoft Edge (Chromium-based) Vulnerabilities
November 3, 2023Rewterz Threat Advisory – Multiple Cisco Adaptive Security Appliance and Firepower Threat Defense Software Vulnerabilities
November 3, 2023
Severity
Medium
Analysis Summary
CVE-2023-20246 CVSS:5.8
Multiple Cisco Products could allow a remote attacker to bypass security restrictions, caused by a logic error that occurs when the access control policies are being populated. By establishing a connection, an attacker could exploit this vulnerability to bypass configured access control rules on the affected system.
CVE-2023-20255 CVSS:5.3
Cisco Meeting Server is vulnerable to a denial of service, caused by improper validation of HTTP requests. By sending specially crafted HTTP packets, a remote attacker could exploit this vulnerability to cause ongoing video calls to be dropped, and results in a denial of service condition.
CVE-2023-20071 CVSS:5.8
Multiple Cisco Products could allow a remote attacker to bypass security restrictions, caused by a flaw in the FTP module of the Snort detection engine. By sending crafted FTP traffic, an attacker could exploit this vulnerability to bypass FTP inspection and deliver a malicious payload.
CVE-2023-20175 CVSS:8.8
Cisco Identity Services Engine could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input. By sending a specially crafted CLI command, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system with root privileges.
CVE-2023-20170 CVSS:6
Cisco Identity Services Engine could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input. By sending a specially crafted CLI command, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system with root privileges.
Impact
- Denial of Service
- Gain Access
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-20246
- CVE-2023-20255
- CVE-2023-20071
- CVE-2023-20175
- CVE-2023-20170
Affected Vendors
Cisco
Affected Products
- Cisco Identity Services Engine (ISE)
- Cisco FirePOWER Services Software for ASA
- Cisco Open Source Snort 3
- Cisco IOS XE
- Cisco Open Source Snort 2
- Cisco Firepower Threat Defense (FTD) Software
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.