Vulnslist

find the latest Cisco vulnerabilities

CVE-2023-20275

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after decryption. An attacker could exploit this vulnerability by sending crafted packets through the tunnel. A successful exploit could allow the attacker to send a packet impersonating another VPN user's IP address. It is not possible for the attacker to receive return packets.

SeverityMEDIUM
CVSS4.1
CWECWE-346
KEV
Published
Modified

Related Products

Product Advisory Evidence
Cisco Secure Firewall Threat Defense Virtual cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Secure Firewall Threat Defense (FTD) Software cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Secure Firewall 3100 Series cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Firepower 9000 Series cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Firepower 4100 Series cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Firepower 2100 Series cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Firepower 1000 Series cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Adaptive Security Virtual Appliance (ASAv) cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco ASA 5500-X Series Firewalls cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln
Cisco 3000 Series Industrial Security Appliances (ISA) cisco-sa-asa-ssl-vpn-Y88QOm77 Cisco OpenVuln