Cisco Releases Security Advisories for Multiple Products - 20231106001

Overview

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

What is the vulnerability?

CVE-2023-20048 - CVSS v3 Base Score: 9.9

CVE-2023-20175 - CVSS v3 Base Score: 8.8

CVE-2023-20170 - CVSS v3 Base Score: 6.0

CVE-2023-20195 - CVSS v3 Base Score: 4.7

CVE-2023-20196 - CVSS v3 Base Score: 4.7

CVE-2023-20213 - CVSS v3 Base Score: 4.3

CVE-2023-20244 - CVSS v3 Base Score: 8.6

CVE-2023-20083 - CVSS v3 Base Score: 8.6

CVE-2023-20063 - CVSS v3 Base Score: 8.2

CVE-2023-20155 - CVSS v3 Base Score: 7.5

CVE-2023-20219 - CVSS v3 Base Score: 7.2

CVE-2023-20220 - CVSS v3 Base Score: 7.2

CVE-2023-20095 - CVSS v3 Base Score: 8.6

CVE-2023-20086 - CVSS v3 Base Score: 8.6

What is vulnerable?

The vulnerability affects the following Cisco products:

• Cisco Firepower Management Center Software Command Injection Vulnerability affects Cisco Firepower Management Center product versions as listed here
• Cisco Identity Services Engine Command Injection Vulnerabilities affects Cisco Identity Services Engine Software versions as listed here
• Cisco Identity Services Engine Vulnerabilities affects Cisco Identity Services Engine Software versions as listed here
• Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls Inspection Rules Denial of Service Vulnerability affects Cisco Firepower Threat Defense Software versions as listed here
• Cisco Firepower Threat Defense Software ICMPv6 with Snort 2 Denial of Service Vulnerability affects Cisco Firepower Threat Defense Software versions as listed here
• Cisco Firepower Threat Defense Software and Firepower Management Center Software Code Injection Vulnerability affects Cisco Firepower Management Center versions as listed here
• Cisco Firepower Management Center Software Log API Denial of Service Vulnerability affects Cisco Firepower Management Center versions as listed here
• Cisco Firepower Management Center Software Command Injection Vulnerabilities affects Cisco Firepower Management Center versions as listed here and here
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability affects Cisco Adaptive Security Appliance (ASA) Software versions as listed here
• Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software ICMPv6 Message Processing Denial of Service Vulnerability affects Cisco Adaptive Security Appliance (ASA) Software versions as listed here

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month (refer Patch Management):

• CISA Alerts

Additional References

• Cisco security advisories