CVE-2023-20215

Summary

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Web Appliance11.7.0-406affected
CiscoCisco Secure Web Appliance11.7.0-418affected
CiscoCisco Secure Web Appliance11.7.1-049affected
CiscoCisco Secure Web Appliance11.7.1-006affected
CiscoCisco Secure Web Appliance11.7.1-020affected
CiscoCisco Secure Web Appliance11.7.2-011affected
CiscoCisco Secure Web Appliance11.8.0-414affected
CiscoCisco Secure Web Appliance11.8.1-023affected
CiscoCisco Secure Web Appliance11.8.3-018affected
CiscoCisco Secure Web Appliance11.8.3-021affected
CiscoCisco Secure Web Appliance12.0.1-268affected
CiscoCisco Secure Web Appliance12.0.3-007affected
CiscoCisco Secure Web Appliance12.5.2-007affected
CiscoCisco Secure Web Appliance12.5.1-011affected
CiscoCisco Secure Web Appliance12.5.4-005affected
CiscoCisco Secure Web Appliance12.5.5-004affected
CiscoCisco Secure Web Appliance14.5.0-498affected
CiscoCisco Secure Web Appliance14.5.1-016affected
CiscoCisco Secure Web Appliance14.0.3-014affected
CiscoCisco Secure Web Appliance14.0.2-012affected
CiscoCisco Secure Web Appliance14.0.4-005affected

Weaknesses

  • CWE-202: Exposure of Sensitive Information Through Data Queries

ADP Enrichment

CVE Program Container

Additional References

References