VDB
CVE-2023-20247
CVE-2023-20247
PUBLISHED
In Cisco ASA (Adaptive Security Appliance) und Cisco Firepower existieren mehrere Schwachstellen. Diese sind auf Logikfehler, einer unzureichenden Fehlerbehandlung bei der Authentisierung sowie eine unzureichende Überprüfung von Parametern zurückzuführen. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzeraktion erforderlich.
EPSS 0.03% · 7.9th percentile
Risk Scores
EPSS Score
0.03%
7.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco ASA (Adaptive Security Appliance) | |
| Cisco | Cisco Firepower Threat Defense |
Exploit Intelligence
Timeline
- Nov 1, 2023 CVE Published
- Nov 2, 2023 EPSS Score
- Dec 3, 2023 EPSS Score
- Jan 2, 2024 EPSS Score
- Feb 2, 2024 EPSS Score
- Mar 4, 2024 EPSS Score
- Apr 3, 2024 EPSS Score
- May 4, 2024 EPSS Score
- Jun 4, 2024 EPSS Score
- Jul 5, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2812.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2812 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb advisory