Unauth Remote FTP Bypass via Snort DCE on Cisco ASA
CVE-2023-20071 Published on November 1, 2023
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.
Vulnerability Analysis
CVE-2023-20071 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.
Weakness Type
Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations
The product uses an automated mechanism such as machine learning to recognize complex data inputs (e.g. image or audio) as a particular concept or category, but it does not properly detect or handle inputs that have been modified or constructed in a way that causes the mechanism to detect a different, incorrect concept.
Products Associated with CVE-2023-20071
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-20071 are published in these products:
Affected Versions
Cisco Firepower Threat Defense Software:- Version 6.2.3 is affected.
- Version 6.2.3.1 is affected.
- Version 6.2.3.2 is affected.
- Version 6.2.3.3 is affected.
- Version 6.2.3.4 is affected.
- Version 6.2.3.5 is affected.
- Version 6.2.3.6 is affected.
- Version 6.2.3.7 is affected.
- Version 6.2.3.8 is affected.
- Version 6.2.3.10 is affected.
- Version 6.2.3.11 is affected.
- Version 6.2.3.9 is affected.
- Version 6.2.3.12 is affected.
- Version 6.2.3.13 is affected.
- Version 6.2.3.14 is affected.
- Version 6.2.3.15 is affected.
- Version 6.2.3.16 is affected.
- Version 6.2.3.17 is affected.
- Version 6.2.3.18 is affected.
- Version 6.6.0 is affected.
- Version 6.6.0.1 is affected.
- Version 6.6.1 is affected.
- Version 6.6.3 is affected.
- Version 6.6.4 is affected.
- Version 6.6.5 is affected.
- Version 6.6.5.1 is affected.
- Version 6.6.5.2 is affected.
- Version 6.6.7 is affected.
- Version 6.6.7.1 is affected.
- Version 6.4.0 is affected.
- Version 6.4.0.1 is affected.
- Version 6.4.0.3 is affected.
- Version 6.4.0.2 is affected.
- Version 6.4.0.4 is affected.
- Version 6.4.0.5 is affected.
- Version 6.4.0.6 is affected.
- Version 6.4.0.7 is affected.
- Version 6.4.0.8 is affected.
- Version 6.4.0.9 is affected.
- Version 6.4.0.10 is affected.
- Version 6.4.0.11 is affected.
- Version 6.4.0.12 is affected.
- Version 6.4.0.13 is affected.
- Version 6.4.0.14 is affected.
- Version 6.4.0.15 is affected.
- Version 6.4.0.16 is affected.
- Version 6.7.0 is affected.
- Version 6.7.0.1 is affected.
- Version 6.7.0.2 is affected.
- Version 6.7.0.3 is affected.
- Version 7.0.0 is affected.
- Version 7.0.0.1 is affected.
- Version 7.0.1 is affected.
- Version 7.0.1.1 is affected.
- Version 7.0.2 is affected.
- Version 7.0.2.1 is affected.
- Version 7.0.3 is affected.
- Version 7.0.4 is affected.
- Version 7.0.5 is affected.
- Version 7.1.0 is affected.
- Version 7.1.0.1 is affected.
- Version 7.1.0.2 is affected.
- Version 7.1.0.3 is affected.
- Version 7.2.0 is affected.
- Version 7.2.0.1 is affected.
- Version 7.2.1 is affected.
- Version 7.2.2 is affected.
- Version 7.2.3 is affected.
- Version 7.3.0 is affected.
- Version 7.3.1 is affected.
- Version 7.3.1.1 is affected.
- Version N/A is affected.
- Version 3.0.4 is affected.
- Version 3.0.0 is affected.
- Version 3.0.1 is affected.
- Version 3.0.2 is affected.
- Version 3.0.3 is affected.
- Version 3.0.5 is affected.
- Version 3.0.6 is affected.
- Version 3.1.0 is affected.
- Version 3.1.2 is affected.
- Version 3.1.1 is affected.
- Version 3.2.3 is affected.
- Version 3.2.1 is affected.
- Version 3.2.4 is affected.
- Version 3.2.0 is affected.
- Version 3.2.2 is affected.
- Version 4.0.0 is affected.
- Version 4.0.1 is affected.
- Version 4.0.2 is affected.
- Version 4.0.3 is affected.
- Version 4.1.0 is affected.
- Version 4.1.1 is affected.
- Version 4.1.2 is affected.
- Version 16.12.1a is affected.
- Version 16.12.2 is affected.
- Version 16.12.3 is affected.
- Version 16.12.4 is affected.
- Version 16.12.5 is affected.
- Version 16.12.6 is affected.
- Version 16.12.7 is affected.
- Version 16.12.8 is affected.
- Version 16.6.1 is affected.
- Version 16.6.5 is affected.
- Version 16.6.6 is affected.
- Version 16.6.7a is affected.
- Version 16.6.9 is affected.
- Version 16.6.10 is affected.
- Version 17.1.1 is affected.
- Version 17.2.1r is affected.
- Version 17.3.1a is affected.
- Version 17.3.2 is affected.
- Version 17.3.3 is affected.
- Version 17.3.4a is affected.
- Version 17.3.6 is affected.
- Version 17.3.5 is affected.
- Version 17.3.7 is affected.
- Version 3.17.0S is affected.
- Version 3.17.1S is affected.
- Version 17.4.1a is affected.
- Version 17.4.2 is affected.
- Version 17.4.1b is affected.
- Version 17.5.1a is affected.
- Version 17.6.1a is affected.
- Version 17.6.2 is affected.
- Version 17.6.3a is affected.
- Version 17.6.4 is affected.
- Version 17.6.5 is affected.
- Version 17.7.1a is affected.
- Version 17.7.2 is affected.
- Version 17.10.1a is affected.
- Version 17.9.1a is affected.
- Version 17.9.2a is affected.
- Version 17.9.3a is affected.
- Version 17.8.1a is affected.
- Version Fuji-16.9.2 is affected.
- Version Fuji-16.9.4 is affected.
- Version Fuji-16.9.6 is affected.
- Version Fuji-16.9.3 is affected.
- Version Fuji-16.9.7 is affected.
- Version Fuji-16.9.8 is affected.
- Version Fuji-16.9.5 is affected.
- Version Denali-16.3.3 is affected.
- Version Denali-16.3.9 is affected.
- Version Denali-16.3.7 is affected.
- Version Denali-16.3.5 is affected.
- Version Denali-16.3.4 is affected.
- Version Everest-16.6.3 is affected.
- Version Everest-16.6.4 is affected.
- Version Everest-16.6.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.