gsd-2023-20215
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.
This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-20215",
"id": "GSD-2023-20215"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-20215"
],
"details": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.",
"id": "GSD-2023-20215",
"modified": "2023-12-13T01:20:27.968608Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2023-20215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Secure Web Appliance",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.7.0-406"
},
{
"version_affected": "=",
"version_value": "11.7.0-418"
},
{
"version_affected": "=",
"version_value": "11.7.1-049"
},
{
"version_affected": "=",
"version_value": "11.7.1-006"
},
{
"version_affected": "=",
"version_value": "11.7.1-020"
},
{
"version_affected": "=",
"version_value": "11.7.2-011"
},
{
"version_affected": "=",
"version_value": "11.8.0-414"
},
{
"version_affected": "=",
"version_value": "11.8.1-023"
},
{
"version_affected": "=",
"version_value": "11.8.3-018"
},
{
"version_affected": "=",
"version_value": "11.8.3-021"
},
{
"version_affected": "=",
"version_value": "12.0.1-268"
},
{
"version_affected": "=",
"version_value": "12.0.3-007"
},
{
"version_affected": "=",
"version_value": "12.5.2-007"
},
{
"version_affected": "=",
"version_value": "12.5.1-011"
},
{
"version_affected": "=",
"version_value": "12.5.4-005"
},
{
"version_affected": "=",
"version_value": "12.5.5-004"
},
{
"version_affected": "=",
"version_value": "14.5.0-498"
},
{
"version_affected": "=",
"version_value": "14.5.1-016"
},
{
"version_affected": "=",
"version_value": "14.0.3-014"
},
{
"version_affected": "=",
"version_value": "14.0.2-012"
},
{
"version_affected": "=",
"version_value": "14.0.4-005"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-202",
"lang": "eng",
"value": "Exposure of Sensitive Information Through Data Queries"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj",
"refsource": "MISC",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj"
}
]
},
"source": {
"advisory": "cisco-sa-wsa-bypass-vXvqwzsj",
"defects": [
"CSCwf60901",
"CSCwf55917",
"CSCwf94501"
],
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"cve": {
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.7.0-406:*:*:*:*:*:*:*",
"matchCriteriaId": "A7A3D131-5E67-484E-93FA-BFF303019F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.7.0-418:*:*:*:*:*:*:*",
"matchCriteriaId": "12FFA6C7-9B30-4D17-8AB6-523776611524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.7.1-006:*:*:*:*:*:*:*",
"matchCriteriaId": "93F2A8D1-E9B1-4D01-B0EB-25B5E3A40B89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.7.1-020:*:*:*:*:*:*:*",
"matchCriteriaId": "0A13BA0C-9511-4522-BC82-702E0BE73C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.7.1-049:*:*:*:*:*:*:*",
"matchCriteriaId": "2897D754-3B0B-4C18-8346-70CF2BE350A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.7.2-011:*:*:*:*:*:*:*",
"matchCriteriaId": "40D30CE8-84FA-4D81-9996-C07FD757B6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.8.0-414:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF27FDC-ADC4-4C98-8A49-DAD2471F8301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.8.1-023:*:*:*:*:*:*:*",
"matchCriteriaId": "02072E0E-BC8C-4992-AB4D-BDE5829169A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.8.3-018:*:*:*:*:*:*:*",
"matchCriteriaId": "67213820-8CF2-4C0E-8BE8-801FD01A97C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:11.8.3-021:*:*:*:*:*:*:*",
"matchCriteriaId": "2281D49F-6C3F-4B09-AFB4-707253876591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:12.0.1-268:*:*:*:*:*:*:*",
"matchCriteriaId": "1F6D5632-1951-4DB7-9B56-4D1947E09ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:12.0.3-007:*:*:*:*:*:*:*",
"matchCriteriaId": "8F221598-29D1-4B13-A427-315F93BD9865",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:12.5.1-011:*:*:*:*:*:*:*",
"matchCriteriaId": "A2D22A3C-16D5-4F61-AB44-111F4A4D9F5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:12.5.2-007:*:*:*:*:*:*:*",
"matchCriteriaId": "8C79D794-0BA9-4A55-B843-FBF9B7374095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:12.5.4-005:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE6E431-7859-4E92-88C5-C85DADC8A5D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:12.5.5-004:*:*:*:*:*:*:*",
"matchCriteriaId": "495A2286-32A3-4F86-9D14-A1561FCE418A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:14.0.2-012:*:*:*:*:*:*:*",
"matchCriteriaId": "50BAC418-1CA1-4DB7-8B54-E4754A35F6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:14.0.3-014:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A1AE33-A44E-422C-BBF3-FEF0BD24081D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:14.0.4-005:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A91305-1002-4717-AB81-A98C9C30CEA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:14.5.0-498:*:*:*:*:*:*:*",
"matchCriteriaId": "60A56580-C34C-4E5D-B053-9D02F8DD9681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:14.5.1-008:*:*:*:*:*:*:*",
"matchCriteriaId": "89DC9472-A8C0-41CB-99DE-B0E160157B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asyncos:14.5.1-016:*:*:*:*:*:*:*",
"matchCriteriaId": "78109D4E-9FAA-4B5A-96E4-6D30D3458BFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:s195:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9797CD28-48A3-45BD-BF68-F0DF6F5A5579",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:s395:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D20279-8176-449A-AF4C-E2C90F370B30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:s695:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9408ADA-7A8F-4528-8236-65713CF642D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s170:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E401F29A-026F-4097-B513-47911CB3AA09",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3B097B-F689-4886-A0C6-B71ECAD783CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23C3AECC-9270-42B5-A36E-208AA0B48D93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s390:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5290B9CF-CF7D-4762-B5EE-5DAEA03C6409",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s680:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE85462C-079B-4488-AB0E-989D41EB7AFD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s690:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48A8E5E8-8361-4BC8-BFA9-CAE4745A9C48",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance_s690x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBEAFE16-BD4F-4538-9A06-173FB678DB8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.\r\n\r This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device."
}
],
"id": "CVE-2023-20215",
"lastModified": "2024-01-25T17:15:37.373",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
]
},
"published": "2023-08-03T22:15:11.513",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-202"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
]
}
}
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.