Vulnslist

find the latest Cisco vulnerabilities

cURL and libcurl Vulnerability Affecting Cisco Products: October 2023

cisco-sa-curl-libcurl-D9ds39cV · High · Published · Updated

On October 11, 2023, cURL released Version 8.4.0 of the cURL utility and the libcurl library. This release addressed two security vulnerabilities:  CVE-2023-38545 – High Security Impact Rating (SIR) CVE-2023-38546 – Low SIR This advisory covers CVE-2023-38545 only. For more information about this vulnerability, see the cURL advisory.  This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-curl-libcurl-D9ds39cV

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2023-38545, CVE-2023-38546
Cisco Bug IDsNA
CVSS ScoreBase 7.5
Base 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco Adaptive Security Appliance (ASA) Software, Cisco Crosswork Network Change Automation, Cisco Secure Network Analytics, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software

Related Products

Product CVE Evidence
Cisco Secure Network Analytics CVE-2023-38546 Cisco OpenVuln
Cisco Secure Network Analytics CVE-2023-38545 Cisco OpenVuln
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software CVE-2023-38546 Cisco OpenVuln
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software CVE-2023-38545 Cisco OpenVuln
Cisco Crosswork Network Change Automation CVE-2023-38546 Cisco OpenVuln
Cisco Crosswork Network Change Automation CVE-2023-38545 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2023-38546 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2023-38545 Cisco OpenVuln