CVE-2023-20177
Summary
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. The issue occurs under specific conditions when the engine inspects SSL/TLS connections on a device with URL Categories configured. A successful exploit causes the Snort 3 engine to restart, resulting in a denial of service (DoS) condition or, because the engine restarts automatically, a bypass condition.
IFF Assessment
This vulnerability allows for a denial of service or bypass condition, which directly impacts the security posture and availability of affected devices.
Severity
Defender Context
Defenders should prioritize patching or applying workarounds for Cisco FTD Software to mitigate this vulnerability. Organizations using FTD with Snort 3 and specific SSL/TLS configurations should be vigilant for potential DoS or bypass attacks targeting these systems.