Skip to main content

Snort CVE-2023-20246

MEDIUM
Authentication Bypass by Spoofing (CWE-290)
2023-11-01 psirt@cisco.com
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Nov 01, 2023 - 18:15 nvd
MEDIUM 5.3

DescriptionNVD

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.

AnalysisAI

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-290. Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system. Affected products include: Snort, Cisco Firepower Threat Defense, Cisco Ios Xe.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More in Snort

View all
CVE-2016-1417 HIGH POC
8.8 Jan 23

Untrusted search path vulnerability in Snort 2.9.7.0-WIN32 allows remote attackers to execute arbitrary code and conduct

CVE-2024-20342 HIGH
8.6 Oct 23

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that

CVE-2017-6657 HIGH
7.5 May 16

Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Rated high severity (CVSS 7.5), this vulne

CVE-2021-40116 HIGH
7.5 Oct 27

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attac

CVE-2021-40114 HIGH
7.5 Oct 27

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic tha

CVE-2021-1223 HIGH
7.5 Jan 13

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticate

CVE-2024-20363 MEDIUM
5.8 May 22

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that

CVE-2020-3299 MEDIUM
5.8 Oct 21

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticate

CVE-2021-1495 MEDIUM
5.3 Apr 29

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticate

CVE-2021-1236 MEDIUM
5.3 Jan 13

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an un

CVE-2021-1224 MEDIUM
5.3 Jan 13

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort

Share

CVE-2023-20246 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy