CVE-2023-20267

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 1, 2023

Updated: Jan 25, 2024

CWE ID 284

Summary

CVE-2023-20267 is a vulnerability affecting Snort 3's IP geolocation rules. An attacker, without authentication, can potentially bypass IP address restrictions by spoofing an IP address due to improper parsing of IP geolocation rule configurations. Exploiting this vulnerability could enable an attacker to bypass location-based IP address restrictions, allowing unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Cisco Firepower Threat Defense

Affected Vendors

Cisco Systems Inc

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tO9jMI
https://www.cve.org/CVERecord?id=CVE-2023-20267
https://nvd.nist.gov/vuln/detail/CVE-2023-20267

Back to Vulnerability Database