Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
November 3, 2023
Severity
Medium
Analysis Summary
CVE-2023-20095 CVSS: 8.6
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software are vulnerable to a denial of service, caused by improper handling of HTTPS requests. By sending crafted HTTPS requests, a remote attacker could exploit this vulnerability to cause resource exhaustion.
CVE-2023-20086 CVSS: 8.6
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software are vulnerable to a denial of service, caused by improper processing of ICMPv6 messages. By sending crafted ICMPv6 messages, a remote attacker could exploit this vulnerability to cause the device to reload.
CVE-2023-20256 CVSS: 5.8
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software could allow a remote attacker to bypass security restrictions, caused by a logic error in the per-user-override feature. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the interface ACL and access protected resources.
CVE-2023-20264 CVSS: 6.1
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software could allow a remote attacker to bypass security restrictions, caused by improper validation of the login URL. By persuading a victim to visit a specially crafted website, an attacker could exploit this vulnerability to modify the login URL, intercept a successful SAML assertion, and use that assertion to establish a remote access VPN session.
CVE-2023-20245 CVSS: 5.8
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software could allow a remote attacker to bypass security restrictions, caused by a logic error in the per-user-override feature. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the interface ACL and access protected resources.
CVE-2023-20247 CVSS: 5.0
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software could allow a remote authenticated attacker to bypass security restrictions, caused by improper error handling during remote access VPN authentication. By sending specially crafted requests during remote access VPN session establishment, an attacker could exploit this vulnerability to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.
CVE-2023-20042 CVSS: 6.8
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software are vulnerable to a denial of service, caused by an implementation error within the SSL/TLS session handling process. By sending specially crafted SSL/TLS traffic, a remote attacker could exploit this vulnerability to deplete the available session handler pool and prevent new sessions from being established.
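Added example (not part of the Rewterz advisory and not Cisco tooling): the two per-user-override entries above (CVE-2023-20256 and CVE-2023-20245) both concern interfaces on which the interface ACL can be overridden by a per-user ACL, so a first exposure-triage step is to find which interfaces actually have that keyword set. The script below parses a constructed ASA running-config fragment and reports those interfaces. The `access-group <acl> {in|out} interface <ifname> [per-user-override]` syntax is assumed from the ASA configuration reference and should be verified against the documentation for your release; `access-group ... global` lines carry no per-user-override and are deliberately skipped.

```python
import re
from typing import Dict, List

# Constructed sample running-config fragment (not taken from any real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 security-level 0
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
!
access-list OUTSIDE_IN extended deny ip any any
access-list INSIDE_OUT extended permit ip any any
access-group OUTSIDE_IN in interface outside per-user-override
access-group INSIDE_OUT in interface inside
access-group GLOBAL_ACL global
"""

# Matches interface-bound access-group lines; the trailing keyword is optional.
# Syntax assumed from ASA docs: access-group <acl> {in|out} interface <ifname> [per-user-override]
ACCESS_GROUP_RE = re.compile(
    r"^\s*access-group\s+(?P<acl>\S+)\s+(?P<direction>in|out)\s+interface\s+"
    r"(?P<ifname>\S+)(?P<puo>\s+per-user-override)?\s*$"
)


def parse_access_groups(config: str) -> List[Dict[str, object]]:
    """Return one record per interface-bound access-group line.

    Global access-group lines (no interface) do not match and are skipped.
    """
    records: List[Dict[str, object]] = []
    for line in config.splitlines():
        match = ACCESS_GROUP_RE.match(line)
        if not match:
            continue
        records.append(
            {
                "acl": match.group("acl"),
                "direction": match.group("direction"),
                "interface": match.group("ifname"),
                "per_user_override": match.group("puo") is not None,
            }
        )
    return records


def interfaces_with_per_user_override(config: str) -> List[str]:
    """Interfaces whose ACL may be overridden per user; these are the ones
    worth prioritising when assessing exposure to the per-user-override CVEs."""
    return sorted(
        {r["interface"] for r in parse_access_groups(config) if r["per_user_override"]}  # type: ignore[misc]
    )


def exposure_report(config: str) -> str:
    """Human-readable summary for a triage ticket."""
    exposed = interfaces_with_per_user_override(config)
    if not exposed:
        return "No interfaces use per-user-override."
    return "per-user-override enabled on: " + ", ".join(exposed)


if __name__ == "__main__":
    print(exposure_report(SAMPLE_CONFIG))
```

Feed it the output of `show running-config` (collected out of band) rather than the constructed sample; an empty result only means the per-user-override feature is not in use, not that the device is patched, so the version check against the Cisco advisory still has to be done separately.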
Impact
- Denial of Service
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-20095
- CVE-2023-20086
- CVE-2023-20256
- CVE-2023-20264
- CVE-2023-20245
- CVE-2023-20247
- CVE-2023-20042
Affected Vendors
Cisco
Affected Products
- Cisco Adaptive Security Appliance Software
- Cisco Firepower Threat Defense (FTD) Software
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.