CVE-2023-20267

MEDIUM

Cisco Firepower Threat Defense 6.7.0-7.3.1.1 - Unauthenticated IP Geolocation Rule Bypass

Title source: llm

Description

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

References (1)

Core 1

Core References

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn

Scores

CVSS v3 4.0

EPSS 0.0001

EPSS Percentile 1.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (1)

cisco/firepower_threat_defense 6.7.0 - 7.3.1.1

Published Nov 01, 2023

Tracked Since Feb 18, 2026