CVE-2023-20071

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

Severity	MEDIUM
CVSS	5.8
CWE	CWE-1039
KEV
Published	2 years ago
Modified	1 year ago

Related Products

Product	Advisory	Evidence
Cisco Umbrella Insights Virtual Appliance	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Umbrella	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco UTD SNORT IPS Engine Software	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Secure Firewall Threat Defense Virtual	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Secure Firewall Threat Defense (FTD) Software	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Secure Firewall 3100 Series	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Firepower 9000 Series	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Firepower 4100 Series	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Firepower 2100 Series	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Firepower 1000 Series	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco Cyber Vision	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco ASA 5500-X Series Firewalls	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln
Cisco 3000 Series Industrial Security Appliances (ISA)	cisco-sa-snort-ftd-zXYtnjOM	Cisco OpenVuln