vulnerability

Cisco FTD: CVE-2023-20267: Cisco Firepower Threat Defense Software Snort 3 Geolocation IP Filter Bypass Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Nov 1, 2023	Jan 29, 2025	Jan 19, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Nov 1, 2023

Added

Jan 29, 2025

Modified

Jan 19, 2026

Description

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

Solution

cisco-ftd-upgrade-latest

References

CVE-2023-20267
https://attackerkb.com/topics/CVE-2023-20267
URL-https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn
CISCO-cisco-sa-ftdsnort3sip-bypass-LMz2ThKn
CWE-284

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today