Boletines de Vulnerabilidades

Cisco Firepower Threat Defense Software Snort 3 Geolocation IP Filter Bypass Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions. Cisco has released software updates that

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20Snort%203%20Geolocation%20IP%20Filter%20Bypass%20Vulnerability&vs_k=1

Identificadores estándar
Propiedad Valor
CVE CVE-2023-20267.

Histórico de versiones
Versión Comentario Fecha

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT