CVE-2020-3315
MEDIUM
Cisco Firepower Threat Defense < 6.6.0 - Unauthenticated File Policy Bypass via Crafted HTTP Packets
Title source: llm
Description
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.
References (3)
Core References
Vendor Advisory vendor-advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP
Mailing List mailing-list
https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
Third Party Advisory vendor-advisory
https://www.debian.org/security/2023/dsa-5354
Scores
CVSS v3
5.3
EPSS
0.0110
EPSS Percentile
78.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-693
CWE-668
Status
published
Products (7)
cisco/firepower_threat_defense
< 6.6.0
cisco/ios
15.2(7)e
cisco/ios
16.11.2
cisco/ios
17.3.1
cisco/secure_firewall_management_center
2.9.14.4
cisco/secure_firewall_management_center
2.9.15
cisco/secure_firewall_management_center
2.9.16
Published
May 06, 2020
Tracked Since
Feb 18, 2026