CVE & CISA-KEV Catalog

CVE-2023-20177

MEDIUM
4.0
CVSS v3
NVD

Description

A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required.

How to fix

No published remediation has been found for this vulnerability's affected products yet.

Mitigation guidance may be in the linked vendor advisories in the References section below.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityLow

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L

Exploit Intelligence

0.53%probability of exploitation in 30 days
41stpercentile

Moderate risk: more likely to be exploited than 41% of all known CVEs.

References

Vendor Advisory1
Embed a live status badge for CVE-2023-20177
CVE-2023-20177 severity badge

Markdown

[![CVE-2023-20177](https://tridentstack.com/cve/badge/CVE-2023-20177.svg)](https://tridentstack.com/cve/CVE-2023-20177)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-20177"><img src="https://tridentstack.com/cve/badge/CVE-2023-20177.svg" alt="CVE-2023-20177"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.