CVE-2020-3315
Description
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.
Risk Information
Base Score: 5.3 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score (Exploitation Probability): 1.1
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| snort security update(DSA-5354-1) snort_2.9.20-0+deb11u1_amd64.deb | Linux |
| snort security update(DSA-5354-1) snort_2.9.20-0+deb11u1_i386.deb | Linux |
| Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability For Cisco 4000 Series Integrated Services Routers | NCM |
| Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability For Cisco Firepower Threat Defense Software | NCM |
| Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability For Cisco Firepower Management Center | NCM |
| Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability For Cisco ASR 1000 Series Aggregation Services Routers | NCM |
| Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability For Cisco Cloud Services Router 1000V Series | NCM |
| Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability For Cisco 1000 Series Integrated Services Routers | NCM |
| Exposure of Resource to Wrong Sphere Vulnerability (CVE-2020-3315) | NCM |
Patch Details
Patches provided by ManageEngine for this CVE:
| Patch ID | Patch Description |
|---|---|
| PATCH-1705901 | Security Update for Cisco 4000 Series Integrated Services Routers Denali-16.3.4a |
| PATCH-1706067 | Security Update for Cisco Firepower Threat Defense Software Gibraltar-16.12.5 |
| PATCH-1700780 | Security Update for Cisco Firepower Management Center 6.7.0 |
| PATCH-1705898 | Security Update for Cisco ASR 1000 Series Aggregation Services Routers Denali-16.3.4a |
| PATCH-1705899 | Security Update for Cisco Cloud Services Router 1000V Series Denali-16.3.4a |
| PATCH-1705902 | Security Update for Cisco 1000 Series Integrated Services Routers Denali-16.3.4a |