Lucene search

[email protected]NVD:CVE-2023-20247

HistoryNov 01, 2023 - 6:15 p.m.

CVE-2023-20247

2023-11-0118:15:09

CWE-288

[email protected]

web.nvd.nist.gov

cisco

asa

ftd

ssl vpn

authentication

bypass

vulnerability

remote access

exploit

privileges

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

19.4%

JSON

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareMatch9.8.1

ciscoadaptive_security_appliance_softwareMatch9.8.1.5

ciscoadaptive_security_appliance_softwareMatch9.8.1.7

ciscoadaptive_security_appliance_softwareMatch9.8.2

ciscoadaptive_security_appliance_softwareMatch9.8.2.8

ciscoadaptive_security_appliance_softwareMatch9.8.2.14

ciscoadaptive_security_appliance_softwareMatch9.8.2.15

ciscoadaptive_security_appliance_softwareMatch9.8.2.17

ciscoadaptive_security_appliance_softwareMatch9.8.2.20

ciscoadaptive_security_appliance_softwareMatch9.8.2.24

ciscoadaptive_security_appliance_softwareMatch9.8.2.26

ciscoadaptive_security_appliance_softwareMatch9.8.2.28

ciscoadaptive_security_appliance_softwareMatch9.8.2.33

ciscoadaptive_security_appliance_softwareMatch9.8.2.35

ciscoadaptive_security_appliance_softwareMatch9.8.2.38

ciscoadaptive_security_appliance_softwareMatch9.8.3

ciscoadaptive_security_appliance_softwareMatch9.8.3.8

ciscoadaptive_security_appliance_softwareMatch9.8.3.11

ciscoadaptive_security_appliance_softwareMatch9.8.3.14

ciscoadaptive_security_appliance_softwareMatch9.8.3.16

ciscoadaptive_security_appliance_softwareMatch9.8.3.18

ciscoadaptive_security_appliance_softwareMatch9.8.3.21

ciscoadaptive_security_appliance_softwareMatch9.8.3.26

ciscoadaptive_security_appliance_softwareMatch9.8.3.29

ciscoadaptive_security_appliance_softwareMatch9.8.4.8

ciscoadaptive_security_appliance_softwareMatch9.8.4.10

ciscoadaptive_security_appliance_softwareMatch9.8.4.12

ciscoadaptive_security_appliance_softwareMatch9.8.4.15

ciscoadaptive_security_appliance_softwareMatch9.8.4.17

ciscoadaptive_security_appliance_softwareMatch9.8.4.20

ciscoadaptive_security_appliance_softwareMatch9.8.4.22

ciscoadaptive_security_appliance_softwareMatch9.8.4.25

ciscoadaptive_security_appliance_softwareMatch9.8.4.26

ciscoadaptive_security_appliance_softwareMatch9.8.4.29

ciscoadaptive_security_appliance_softwareMatch9.8.4.32

ciscoadaptive_security_appliance_softwareMatch9.8.4.33

ciscoadaptive_security_appliance_softwareMatch9.8.4.34

ciscoadaptive_security_appliance_softwareMatch9.8.4.35

ciscoadaptive_security_appliance_softwareMatch9.8.4.39

ciscoadaptive_security_appliance_softwareMatch9.8.4.40

ciscoadaptive_security_appliance_softwareMatch9.8.4.41

ciscoadaptive_security_appliance_softwareMatch9.8.4.43

ciscoadaptive_security_appliance_softwareMatch9.8.4.44

ciscoadaptive_security_appliance_softwareMatch9.8.4.45

ciscoadaptive_security_appliance_softwareMatch9.8.4.46

ciscoadaptive_security_appliance_softwareMatch9.8.4.48

ciscoadaptive_security_appliance_softwareMatch9.12.1

ciscoadaptive_security_appliance_softwareMatch9.12.1.2

ciscoadaptive_security_appliance_softwareMatch9.12.1.3

ciscoadaptive_security_appliance_softwareMatch9.12.2

ciscoadaptive_security_appliance_softwareMatch9.12.2.1

ciscoadaptive_security_appliance_softwareMatch9.12.2.4

ciscoadaptive_security_appliance_softwareMatch9.12.2.5

ciscoadaptive_security_appliance_softwareMatch9.12.2.9

ciscoadaptive_security_appliance_softwareMatch9.12.3

ciscoadaptive_security_appliance_softwareMatch9.12.3.2

ciscoadaptive_security_appliance_softwareMatch9.12.3.7

ciscoadaptive_security_appliance_softwareMatch9.12.3.9

ciscoadaptive_security_appliance_softwareMatch9.12.3.12

ciscoadaptive_security_appliance_softwareMatch9.12.4

ciscoadaptive_security_appliance_softwareMatch9.12.4.2

ciscoadaptive_security_appliance_softwareMatch9.12.4.4

ciscoadaptive_security_appliance_softwareMatch9.12.4.7

ciscoadaptive_security_appliance_softwareMatch9.12.4.8

ciscoadaptive_security_appliance_softwareMatch9.12.4.10

ciscoadaptive_security_appliance_softwareMatch9.12.4.13

ciscoadaptive_security_appliance_softwareMatch9.12.4.18

ciscoadaptive_security_appliance_softwareMatch9.12.4.24

ciscoadaptive_security_appliance_softwareMatch9.12.4.26

ciscoadaptive_security_appliance_softwareMatch9.12.4.29

ciscoadaptive_security_appliance_softwareMatch9.12.4.30

ciscoadaptive_security_appliance_softwareMatch9.12.4.35

ciscoadaptive_security_appliance_softwareMatch9.12.4.37

ciscoadaptive_security_appliance_softwareMatch9.12.4.38

ciscoadaptive_security_appliance_softwareMatch9.12.4.39

ciscoadaptive_security_appliance_softwareMatch9.12.4.40

ciscoadaptive_security_appliance_softwareMatch9.12.4.41

ciscoadaptive_security_appliance_softwareMatch9.12.4.47

ciscoadaptive_security_appliance_softwareMatch9.12.4.48

ciscoadaptive_security_appliance_softwareMatch9.12.4.50

ciscoadaptive_security_appliance_softwareMatch9.12.4.52

ciscoadaptive_security_appliance_softwareMatch9.12.4.54

ciscoadaptive_security_appliance_softwareMatch9.12.4.55

ciscoadaptive_security_appliance_softwareMatch9.12.4.56

ciscoadaptive_security_appliance_softwareMatch9.12.4.58

ciscoadaptive_security_appliance_softwareMatch9.14.1

ciscoadaptive_security_appliance_softwareMatch9.14.1.6

ciscoadaptive_security_appliance_softwareMatch9.14.1.10

ciscoadaptive_security_appliance_softwareMatch9.14.1.15

ciscoadaptive_security_appliance_softwareMatch9.14.1.19

ciscoadaptive_security_appliance_softwareMatch9.14.1.30

ciscoadaptive_security_appliance_softwareMatch9.14.2

ciscoadaptive_security_appliance_softwareMatch9.14.2.4

ciscoadaptive_security_appliance_softwareMatch9.14.2.8

ciscoadaptive_security_appliance_softwareMatch9.14.2.13

ciscoadaptive_security_appliance_softwareMatch9.14.2.15

ciscoadaptive_security_appliance_softwareMatch9.14.3

ciscoadaptive_security_appliance_softwareMatch9.14.3.1

ciscoadaptive_security_appliance_softwareMatch9.14.3.9

ciscoadaptive_security_appliance_softwareMatch9.14.3.11

ciscoadaptive_security_appliance_softwareMatch9.14.3.13

ciscoadaptive_security_appliance_softwareMatch9.14.3.15

ciscoadaptive_security_appliance_softwareMatch9.14.3.18

ciscoadaptive_security_appliance_softwareMatch9.14.4

ciscoadaptive_security_appliance_softwareMatch9.14.4.6

ciscoadaptive_security_appliance_softwareMatch9.14.4.7

ciscoadaptive_security_appliance_softwareMatch9.14.4.12

ciscoadaptive_security_appliance_softwareMatch9.14.4.13

ciscoadaptive_security_appliance_softwareMatch9.14.4.14

ciscoadaptive_security_appliance_softwareMatch9.14.4.15

ciscoadaptive_security_appliance_softwareMatch9.14.4.17

ciscoadaptive_security_appliance_softwareMatch9.14.4.22

ciscoadaptive_security_appliance_softwareMatch9.14.4.23

ciscoadaptive_security_appliance_softwareMatch9.15.1

ciscoadaptive_security_appliance_softwareMatch9.15.1.1

ciscoadaptive_security_appliance_softwareMatch9.15.1.7

ciscoadaptive_security_appliance_softwareMatch9.15.1.10

ciscoadaptive_security_appliance_softwareMatch9.15.1.15

ciscoadaptive_security_appliance_softwareMatch9.15.1.16

ciscoadaptive_security_appliance_softwareMatch9.15.1.17

ciscoadaptive_security_appliance_softwareMatch9.15.1.21

ciscoadaptive_security_appliance_softwareMatch9.16.1

ciscoadaptive_security_appliance_softwareMatch9.16.1.28

ciscoadaptive_security_appliance_softwareMatch9.16.2

ciscoadaptive_security_appliance_softwareMatch9.16.2.3

ciscoadaptive_security_appliance_softwareMatch9.16.2.7

ciscoadaptive_security_appliance_softwareMatch9.16.2.11

ciscoadaptive_security_appliance_softwareMatch9.16.2.13

ciscoadaptive_security_appliance_softwareMatch9.16.2.14

ciscoadaptive_security_appliance_softwareMatch9.16.3

ciscoadaptive_security_appliance_softwareMatch9.16.3.3

ciscoadaptive_security_appliance_softwareMatch9.16.3.14

ciscoadaptive_security_appliance_softwareMatch9.16.3.15

ciscoadaptive_security_appliance_softwareMatch9.16.3.19

ciscoadaptive_security_appliance_softwareMatch9.16.3.23

ciscoadaptive_security_appliance_softwareMatch9.16.4

ciscoadaptive_security_appliance_softwareMatch9.16.4.9

ciscoadaptive_security_appliance_softwareMatch9.16.4.14

ciscoadaptive_security_appliance_softwareMatch9.16.4.18

ciscoadaptive_security_appliance_softwareMatch9.16.4.19

ciscoadaptive_security_appliance_softwareMatch9.17.1

ciscoadaptive_security_appliance_softwareMatch9.17.1.7

ciscoadaptive_security_appliance_softwareMatch9.17.1.9

ciscoadaptive_security_appliance_softwareMatch9.17.1.10

ciscoadaptive_security_appliance_softwareMatch9.17.1.11

ciscoadaptive_security_appliance_softwareMatch9.17.1.13

ciscoadaptive_security_appliance_softwareMatch9.17.1.15

ciscoadaptive_security_appliance_softwareMatch9.17.1.20

ciscoadaptive_security_appliance_softwareMatch9.17.1.30

ciscoadaptive_security_appliance_softwareMatch9.18.1

ciscoadaptive_security_appliance_softwareMatch9.18.1.3

ciscoadaptive_security_appliance_softwareMatch9.18.2

ciscoadaptive_security_appliance_softwareMatch9.18.2.5

ciscoadaptive_security_appliance_softwareMatch9.18.2.7

ciscoadaptive_security_appliance_softwareMatch9.18.2.8

ciscoadaptive_security_appliance_softwareMatch9.18.3

ciscoadaptive_security_appliance_softwareMatch9.18.3.39

ciscoadaptive_security_appliance_softwareMatch9.18.3.46

ciscoadaptive_security_appliance_softwareMatch9.19.1

ciscoadaptive_security_appliance_softwareMatch9.19.1.5

ciscoadaptive_security_appliance_softwareMatch9.19.1.9

ciscoadaptive_security_appliance_softwareMatch9.19.1.12

Node

ciscofirepower_threat_defenseMatch6.2.3

ciscofirepower_threat_defenseMatch6.2.3.1

ciscofirepower_threat_defenseMatch6.2.3.2

ciscofirepower_threat_defenseMatch6.2.3.3

ciscofirepower_threat_defenseMatch6.2.3.4

ciscofirepower_threat_defenseMatch6.2.3.5

ciscofirepower_threat_defenseMatch6.2.3.6

ciscofirepower_threat_defenseMatch6.2.3.7

ciscofirepower_threat_defenseMatch6.2.3.8

ciscofirepower_threat_defenseMatch6.2.3.9

ciscofirepower_threat_defenseMatch6.2.3.10

ciscofirepower_threat_defenseMatch6.2.3.11

ciscofirepower_threat_defenseMatch6.2.3.12

ciscofirepower_threat_defenseMatch6.2.3.13

ciscofirepower_threat_defenseMatch6.2.3.14

ciscofirepower_threat_defenseMatch6.2.3.15

ciscofirepower_threat_defenseMatch6.2.3.16

ciscofirepower_threat_defenseMatch6.2.3.17

ciscofirepower_threat_defenseMatch6.2.3.18

ciscofirepower_threat_defenseMatch6.4.0.5

ciscofirepower_threat_defenseMatch6.4.0.6

ciscofirepower_threat_defenseMatch6.4.0.7

ciscofirepower_threat_defenseMatch6.4.0.8

ciscofirepower_threat_defenseMatch6.4.0.9

ciscofirepower_threat_defenseMatch6.4.0.10

ciscofirepower_threat_defenseMatch6.4.0.11

ciscofirepower_threat_defenseMatch6.4.0.12

ciscofirepower_threat_defenseMatch6.4.0.13

ciscofirepower_threat_defenseMatch6.4.0.14

ciscofirepower_threat_defenseMatch6.4.0.15

ciscofirepower_threat_defenseMatch6.4.0.16

ciscofirepower_threat_defenseMatch6.6.0

ciscofirepower_threat_defenseMatch6.6.0.1

ciscofirepower_threat_defenseMatch6.6.1

ciscofirepower_threat_defenseMatch6.6.3

ciscofirepower_threat_defenseMatch6.6.4

ciscofirepower_threat_defenseMatch6.6.5

ciscofirepower_threat_defenseMatch6.6.5.1

ciscofirepower_threat_defenseMatch6.6.5.2

ciscofirepower_threat_defenseMatch6.6.7

ciscofirepower_threat_defenseMatch6.6.7.1

ciscofirepower_threat_defenseMatch6.7.0

ciscofirepower_threat_defenseMatch6.7.0.1

ciscofirepower_threat_defenseMatch6.7.0.2

ciscofirepower_threat_defenseMatch6.7.0.3

ciscofirepower_threat_defenseMatch7.0.0

ciscofirepower_threat_defenseMatch7.0.0.1

ciscofirepower_threat_defenseMatch7.0.1

ciscofirepower_threat_defenseMatch7.0.1.1

ciscofirepower_threat_defenseMatch7.0.2

ciscofirepower_threat_defenseMatch7.0.2.1

ciscofirepower_threat_defenseMatch7.0.3

ciscofirepower_threat_defenseMatch7.0.4

ciscofirepower_threat_defenseMatch7.0.5

ciscofirepower_threat_defenseMatch7.1.0

ciscofirepower_threat_defenseMatch7.1.0.1

ciscofirepower_threat_defenseMatch7.1.0.2

ciscofirepower_threat_defenseMatch7.1.0.3

ciscofirepower_threat_defenseMatch7.2.0

ciscofirepower_threat_defenseMatch7.2.0.1

ciscofirepower_threat_defenseMatch7.2.1

ciscofirepower_threat_defenseMatch7.2.2

ciscofirepower_threat_defenseMatch7.2.3

ciscofirepower_threat_defenseMatch7.2.4

ciscofirepower_threat_defenseMatch7.3.0

ciscofirepower_threat_defenseMatch7.3.1

ciscofirepower_threat_defenseMatch7.3.1.1

VendorProductVersionCPE
ciscoadaptive_security_appliance_software9.8.1cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.1.5cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.1.7cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2.8cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2.14cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2.15cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2.17cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2.20cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.8.2.24cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	9.8.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1:::::::*
cisco	adaptive_security_appliance_software	9.8.1.5	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.5:::::::*
cisco	adaptive_security_appliance_software	9.8.1.7	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.1.7:::::::*
cisco	adaptive_security_appliance_software	9.8.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2:::::::*
cisco	adaptive_security_appliance_software	9.8.2.8	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.8:::::::*
cisco	adaptive_security_appliance_software	9.8.2.14	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.14:::::::*
cisco	adaptive_security_appliance_software	9.8.2.15	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.15:::::::*
cisco	adaptive_security_appliance_software	9.8.2.17	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.17:::::::*
cisco	adaptive_security_appliance_software	9.8.2.20	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.20:::::::*
cisco	adaptive_security_appliance_software	9.8.2.24	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.8.2.24:::::::*