1. Home
  2. CVE Database
  3. CVE-2023-20006
HIGH · 8.6

CVE-2023-20006

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 ...

Vulnerability Description

A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload.

CVSS Score

8.6

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
CiscoFirepower Threat Defense7.2.1
CiscoAdaptive Security Appliance Software9.16.4
CiscoFirepower 2110-
CiscoFirepower 2120-
CiscoFirepower 2130-
CiscoFirepower 2140-

Related Weaknesses (CWE)

CWE-681

References

FAQ

What is CVE-2023-20006?

CVE-2023-20006 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 ...

How severe is CVE-2023-20006?

CVE-2023-20006 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-20006?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firepower Threat Defense, Cisco Adaptive Security Appliance Software, Cisco Firepower 2110, Cisco Firepower 2120, Cisco Firepower 2130.