Vulnerabilities > CVE-2023-20270 - Unspecified vulnerability in Cisco Firepower Threat Defense

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

cisco

NVD

Published: 2023-11-01

Updated: 2024-01-25

Summary

A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Firepower Threat Defense 7.1.0 Cisco Firepower Threat Defense 7.2.0.1 Cisco Firepower Threat Defense 7.1.0.1 Cisco Firepower Threat Defense 7.1.0.2 Cisco Firepower Threat Defense 7.2.0 Cisco Firepower Threat Defense 7.2.1 Cisco Firepower Threat Defense 7.2.2 Cisco Firepower Threat Defense 7.2.3 Cisco Firepower Threat Defense 7.3.1.1 Cisco Firepower Threat Defense 7.3.1 Cisco Firepower Threat Defense 7.3.0 Cisco Firepower Threat Defense 7.1.0.3	12

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV