CVE-2020-3315

MEDIUM

Cisco Products - Auth Bypass

Title source: llm

Description

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network.

References (3)

[Mailing List] https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html

[Vendor Advisory] https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP

[Third Party Advisory] https://www.debian.org/security/2023/dsa-5354

Scores

CVSS v3 5.3

EPSS 0.0110

EPSS Percentile 77.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Classification

CWE

CWE-693 CWE-668

Status published

Affected Products (7)

cisco/firepower_threat_defense < 6.6.0

cisco/secure_firewall_management_center

cisco/ios

Timeline

Published May 06, 2020

Tracked Since Feb 18, 2026