VDB
CVE-2023-20063
CVE-2023-20063
PUBLISHED
Es besteht eine Schwachstelle in Cisco Firepower. Dieser Fehler besteht in den Kommunikationsmechanismen zwischen Geräten, auf denen die Cisco Firepower Threat Defense (FTD) Software läuft, und Geräten, auf denen die Cisco Firepower Management (FMC) Software läuft, aufgrund einer unzureichenden Validierung der vom Benutzer bereitgestellten Eingaben. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Code auszuführen, indem er auf den Expertenmodus eines betroffenen Geräts zugreift und bestimmte Befehle an ein angeschlossenes System sendet.
EPSS 0.04% · 11.4th percentile
Risk Scores
EPSS Score
0.04%
11.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Firepower Management Center | |
| Cisco | Cisco Firepower Threat Defense |
Timeline
- Nov 1, 2023 CVE Published
- Nov 2, 2023 EPSS Score
- Dec 3, 2023 EPSS Score
- Jan 2, 2024 EPSS Score
- Feb 2, 2024 EPSS Score
- Mar 4, 2024 EPSS Score
- Apr 3, 2024 EPSS Score
- May 4, 2024 EPSS Score
- Jun 4, 2024 EPSS Score
- Jul 5, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2809.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2809 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L advisory