Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N
Vendors Products
Cisco
  • 1100-4g Integrated Services Router
  • Isa-3000-4c-k9
  • Ios
  • 111x Integrated Services Router
  • 1100-lte Integrated Services Router
  • 4431 Integrated Services Router
  • Csr1000v
  • Firepower Management Center
  • Isa-3000-2c2f-k9
  • 1100-6g Integrated Services Router
  • 1160 Integrated Services Router
  • 1120 Integrated Services Router
  • 1101 Integrated Services Router
  • 4461 Integrated Services Router
  • 1109 Integrated Services Router
  • 4331 Integrated Services Router
  • Firepower Threat Defense
  • 1111x Integrated Services Router
  • 4221 Integrated Services Router

Configuration 1 [-]

OR cpe:2.3:a:cisco:firepower_management_center:2.9.14.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:a:cisco:ios:15.2\(7\)e:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:16.11.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:17.3.1:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:csr1000v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:isa-3000-2c2f-k9:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:isa-3000-4c-k9:-:*:*:*:*:*:*:*
References
Link Resource
https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP Vendor Advisory
https://www.debian.org/security/2023/dsa-5354
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2020-05-06T00:00:00

Updated: 2023-02-19T00:00:00

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3315

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2020-05-06T17:15:13.823

Modified: 2023-05-23T13:55:46.380

Link: CVE-2020-3315

JSON object: View

cve-icon Redhat Information

No data.

CWE