CVE-2023-20215

A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass a configured rule, allowing traffic onto a network that should have been blocked.

 This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the attacker to bypass an explicit block rule and receive traffic that should have been rejected by the device.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
ciscoCNA
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
ciscoasyncos
11.7.0-406
ciscoasyncos
11.7.0-418
ciscoasyncos
11.7.1-006
ciscoasyncos
11.7.1-020
ciscoasyncos
11.7.1-049
ciscoasyncos
11.7.2-011
ciscoasyncos
11.8.0-414
ciscoasyncos
11.8.1-023
ciscoasyncos
11.8.3-018
ciscoasyncos
11.8.3-021
ciscoasyncos
12.0.1-268
ciscoasyncos
12.0.3-007
ciscoasyncos
12.5.1-011
ciscoasyncos
12.5.2-007
ciscoasyncos
12.5.4-005
ciscoasyncos
12.5.5-004
ciscoasyncos
14.0.2-012
ciscoasyncos
14.0.3-014
ciscoasyncos
14.0.4-005
ciscoasyncos
14.5.0-498
ciscoasyncos
14.5.1-008
ciscoasyncos
14.5.1-016
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-vXvqwzsj