Strix
26.1K

CVE-2023-20215

MEDIUMCVSS 5.3/10EPSS 0.48%

Last modified

CVE-2023-20215 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. EPSS estimates a 0.48% chance of exploitation in the next 30 days.

Description

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.

Metrics

CVSS 3.1
5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Probability
0.48%

37.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoAsyncos11.7.0-406
CiscoAsyncos11.7.0-418
CiscoAsyncos11.7.1-006
CiscoAsyncos11.7.1-020
CiscoAsyncos11.7.1-049
CiscoAsyncos11.7.2-011
CiscoAsyncos11.8.0-414
CiscoAsyncos11.8.1-023
CiscoAsyncos11.8.3-018
CiscoAsyncos11.8.3-021
CiscoAsyncos12.0.1-268
CiscoAsyncos12.0.3-007
CiscoAsyncos12.5.1-011
CiscoAsyncos12.5.2-007
CiscoAsyncos12.5.4-005
CiscoAsyncos12.5.5-004
CiscoAsyncos14.0.2-012
CiscoAsyncos14.0.3-014
CiscoAsyncos14.0.4-005
CiscoAsyncos14.5.0-498
CiscoAsyncos14.5.1-008
CiscoAsyncos14.5.1-016

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-20215?
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
How severe is CVE-2023-20215?
CVE-2023-20215 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.48% probability of exploitation in the next 30 days.
How do I fix CVE-2023-20215?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-20215?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST