CVE-2023-20071

Name of the Vulnerable Software and Affected Versions Cisco Firepower Threat Defense (FTD) (affected versions not specified) Multiple Cisco products (affected versions not specified)

Description The issue is due to a flaw in the FTP module of the Snort detection engine, which could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. An attacker could exploit this by sending crafted FTP traffic through an affected device, potentially allowing them to bypass FTP inspection and deliver a malicious payload. The vulnerability is related to insufficient detection or handling of adverse input disturbances.

Recommendations For Cisco Firepower Threat Defense (FTD), consider disabling the FTP module of the Snort detection engine as a temporary workaround until a patch is available. For Multiple Cisco products, restrict access to the FTP module to minimize the risk of exploitation until a fix is provided. Avoid using the FTP protocol in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.