VDB
CVE-2023-20042
CVE-2023-20042
PUBLISHED
In Cisco ASA (Adaptive Security Appliance) und Cisco Firepower existieren mehrere Schwachstellen. Diese sind auf Fehler bei der Verarbeitung von Nachrichten, Anfragen sowie einem Fehler in dem Umgang mit TLS-Sessions zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen.
EPSS 0.25% · 48.9th percentile
Risk Scores
EPSS Score
0.25%
48.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Firepower Threat Defense | |
| Cisco | Cisco ASA (Adaptive Security Appliance) |
Exploit Intelligence
- cisco-sa-asaftd-ssl-dos-kxG8mpUA (circl)
Timeline
- Nov 1, 2023 CVE Published
- Nov 2, 2023 EPSS Score
- Dec 3, 2023 EPSS Score
- Jan 2, 2024 EPSS Score
- Feb 2, 2024 EPSS Score
- Mar 4, 2024 EPSS Score
- Apr 3, 2024 EPSS Score
- May 4, 2024 EPSS Score
- Jun 4, 2024 EPSS Score
- Jul 5, 2024 EPSS Score
- Aug 2, 2024 CVE Updated
- Aug 4, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2812.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2812 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb advisory