Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20042

A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition.

Published

2023-11-01T18:15:08.843

Last Modified

2024-11-21T07:40:25.200

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-404
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	firepower_threat_defense	7.0.0	Yes
Application	cisco	firepower_threat_defense	7.0.0.1	Yes
Application	cisco	firepower_threat_defense	7.0.1	Yes
Application	cisco	firepower_threat_defense	7.0.1.1	Yes
Application	cisco	firepower_threat_defense	7.0.2	Yes
Application	cisco	firepower_threat_defense	7.0.2.1	Yes
Application	cisco	firepower_threat_defense	7.0.3	Yes
Application	cisco	firepower_threat_defense	7.0.4	Yes
Application	cisco	firepower_threat_defense	7.0.5	Yes
Application	cisco	firepower_threat_defense	7.1.0	Yes
Application	cisco	firepower_threat_defense	7.1.0.1	Yes
Application	cisco	firepower_threat_defense	7.1.0.2	Yes
Application	cisco	firepower_threat_defense	7.1.0.3	Yes
Application	cisco	firepower_threat_defense	7.2.0	Yes
Application	cisco	firepower_threat_defense	7.2.0.1	Yes
Application	cisco	firepower_threat_defense	7.2.1	Yes
Application	cisco	firepower_threat_defense	7.2.2	Yes
Application	cisco	firepower_threat_defense	7.2.3	Yes
Application	cisco	firepower_threat_defense	7.3.0	Yes
Application	cisco	firepower_threat_defense	7.3.1	Yes
Application	cisco	firepower_threat_defense	7.3.1.1	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.1	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.1.28	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.2	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.2.3	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.2.7	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.2.11	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.2.13	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.2.14	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.3	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.3.3	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.3.14	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.3.15	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.3.19	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.3.23	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.4	Yes
Operating System	cisco	adaptive_security_appliance_software	9.16.4.9	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.7	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.9	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.10	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.11	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.13	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.15	Yes
Operating System	cisco	adaptive_security_appliance_software	9.17.1.20	Yes
Operating System	cisco	adaptive_security_appliance_software	9.18.1	Yes
Operating System	cisco	adaptive_security_appliance_software	9.18.1.3	Yes
Operating System	cisco	adaptive_security_appliance_software	9.18.2	Yes
Operating System	cisco	adaptive_security_appliance_software	9.18.2.5	Yes
Operating System	cisco	adaptive_security_appliance_software	9.18.2.7	Yes
Operating System	cisco	adaptive_security_appliance_software	9.19.1	Yes

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA Vendor Advisory ([email protected])
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)