CVE-2023-20215
First published: Thu Aug 03 2023(Updated: )
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco AsyncOS | =11.7.0-406 | |
| Cisco AsyncOS | =11.7.0-418 | |
| Cisco AsyncOS | =11.7.1-006 | |
| Cisco AsyncOS | =11.7.1-020 | |
| Cisco AsyncOS | =11.7.1-049 | |
| Cisco AsyncOS | =11.7.2-011 | |
| Cisco AsyncOS | =11.8.0-414 | |
| Cisco AsyncOS | =11.8.1-023 | |
| Cisco AsyncOS | =11.8.3-018 | |
| Cisco AsyncOS | =11.8.3-021 | |
| Cisco AsyncOS | =12.0.1-268 | |
| Cisco AsyncOS | =12.0.3-007 | |
| Cisco AsyncOS | =12.5.1-011 | |
| Cisco AsyncOS | =12.5.2-007 | |
| Cisco AsyncOS | =12.5.4-005 | |
| Cisco AsyncOS | =12.5.5-004 | |
| Cisco AsyncOS | =14.0.2-012 | |
| Cisco AsyncOS | =14.0.3-014 | |
| Cisco AsyncOS | =14.0.4-005 | |
| Cisco AsyncOS | =14.5.0-498 | |
| Cisco AsyncOS | =14.5.1-008 | |
| Cisco AsyncOS | =14.5.1-016 | |
| Cisco S195 | ||
| Cisco S395 | ||
| Cisco S695 | ||
| Cisco Web Security Appliance S170 | ||
| Cisco Web Security Appliance S190 | ||
| Cisco Web Security Appliance S380 | ||
| Cisco Web Security Appliance S390 | ||
| Cisco Web Security Appliance S680 | ||
| Cisco Web Security Appliance S690 | ||
| Cisco Web Security Appliance S690x | ||
| All of | ||
| Any of | ||
| Cisco AsyncOS | =11.7.0-406 | |
| Cisco AsyncOS | =11.7.0-418 | |
| Cisco AsyncOS | =11.7.1-006 | |
| Cisco AsyncOS | =11.7.1-020 | |
| Cisco AsyncOS | =11.7.1-049 | |
| Cisco AsyncOS | =11.7.2-011 | |
| Cisco AsyncOS | =11.8.0-414 | |
| Cisco AsyncOS | =11.8.1-023 | |
| Cisco AsyncOS | =11.8.3-018 | |
| Cisco AsyncOS | =11.8.3-021 | |
| Cisco AsyncOS | =12.0.1-268 | |
| Cisco AsyncOS | =12.0.3-007 | |
| Cisco AsyncOS | =12.5.1-011 | |
| Cisco AsyncOS | =12.5.2-007 | |
| Cisco AsyncOS | =12.5.4-005 | |
| Cisco AsyncOS | =12.5.5-004 | |
| Cisco AsyncOS | =14.0.2-012 | |
| Cisco AsyncOS | =14.0.3-014 | |
| Cisco AsyncOS | =14.0.4-005 | |
| Cisco AsyncOS | =14.5.0-498 | |
| Cisco AsyncOS | =14.5.1-008 | |
| Cisco AsyncOS | =14.5.1-016 | |
| Any of | ||
| Cisco S195 | ||
| Cisco S395 | ||
| Cisco S695 | ||
| Cisco Web Security Appliance S170 | ||
| Cisco Web Security Appliance S190 | ||
| Cisco Web Security Appliance S380 | ||
| Cisco Web Security Appliance S390 | ||
| Cisco Web Security Appliance S680 | ||
| Cisco Web Security Appliance S690 | ||
| Cisco Web Security Appliance S690x |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-20215?
CVE-2023-20215 is a vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance that could allow an unauthenticated, remote attacker to bypass a configured rule.
How does CVE-2023-20215 affect Cisco AsyncOS Software?
CVE-2023-20215 affects Cisco AsyncOS Software versions 11.7.0-406 through 14.5.1-016.
What is the severity of CVE-2023-20215?
The severity of CVE-2023-20215 is medium, with a severity value of 5.8.
How can an attacker exploit CVE-2023-20215?
An attacker can exploit CVE-2023-20215 by sending malicious traffic that bypasses a configured rule on the Cisco Secure Web Appliance.
Is there a fix for CVE-2023-20215?
Yes, Cisco has released software updates to address the vulnerability. Please refer to the Cisco Security Advisory for more information and apply the necessary updates.
- collector/nvd-latest
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco asyncos
- version/cisco asyncos/11.7.0-406
- version/cisco asyncos/11.7.0-418
- version/cisco asyncos/11.7.1-006
- version/cisco asyncos/11.7.1-020
- version/cisco asyncos/11.7.1-049
- version/cisco asyncos/11.7.2-011
- version/cisco asyncos/11.8.0-414
- version/cisco asyncos/11.8.1-023
- version/cisco asyncos/11.8.3-018
- version/cisco asyncos/11.8.3-021
- version/cisco asyncos/12.0.1-268
- version/cisco asyncos/12.0.3-007
- version/cisco asyncos/12.5.1-011
- version/cisco asyncos/12.5.2-007
- version/cisco asyncos/12.5.4-005
- version/cisco asyncos/12.5.5-004
- version/cisco asyncos/14.0.2-012
- version/cisco asyncos/14.0.3-014
- version/cisco asyncos/14.0.4-005
- version/cisco asyncos/14.5.0-498
- version/cisco asyncos/14.5.1-008
- version/cisco asyncos/14.5.1-016
- canonical/cisco s195
- canonical/cisco s395
- canonical/cisco s695
- canonical/cisco web security appliance s170
- canonical/cisco web security appliance s190
- canonical/cisco web security appliance s380
- canonical/cisco web security appliance s390
- canonical/cisco web security appliance s680
- canonical/cisco web security appliance s690
- canonical/cisco web security appliance s690x