CVE-2023-20215

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.

This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.

Published: Aug 4, 2023
Updated: Aug 12, 2023
CVE: CVE-2023-20215
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / asyncos	11.7.0-406	11.7.0-406.x
cisco / asyncos	11.7.0-418	11.7.0-418.x
cisco / asyncos	11.7.1-006	11.7.1-006.x
cisco / asyncos	11.7.1-020	11.7.1-020.x
cisco / asyncos	11.7.1-049	11.7.1-049.x
cisco / asyncos	11.7.2-011	11.7.2-011.x
cisco / asyncos	11.8.0-414	11.8.0-414.x
cisco / asyncos	11.8.1-023	11.8.1-023.x
cisco / asyncos	11.8.3-018	11.8.3-018.x
cisco / asyncos	11.8.3-021	11.8.3-021.x
cisco / asyncos	12.0.1-268	12.0.1-268.x
cisco / asyncos	12.0.3-007	12.0.3-007.x
cisco / asyncos	12.5.1-011	12.5.1-011.x
cisco / asyncos	12.5.2-007	12.5.2-007.x
cisco / asyncos	12.5.4-005	12.5.4-005.x
cisco / asyncos	12.5.5-004	12.5.5-004.x
cisco / asyncos	14.0.2-012	14.0.2-012.x
cisco / asyncos	14.0.3-014	14.0.3-014.x
cisco / asyncos	14.0.4-005	14.0.4-005.x
cisco / asyncos	14.5.0-498	14.5.0-498.x
cisco / asyncos	14.5.1-008	14.5.1-008.x
cisco / asyncos	14.5.1-016	14.5.1-016.x

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj

Vulnerability Database

289,697

CVE-2023-20215