CVE-2023-20246

Name
CVE-2023-20246
Description
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:* snort >= None < 3.1.57.0
cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:* snort >= 3.0.0 < 3.1.57.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
snort 3.18-main 2.9.20-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
snort 3.17-main 2.9.20-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
snort 3.16-main 2.9.19-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
snort 3.15-main 2.9.18-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable