CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Oct 4, 2023
High
CISA KEVRansomwareCVE-2023-20269
Cisco—Adaptive Security Appliance and Firepower Threat Defense
Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.
Required Action
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC; https://nvd.nist.gov/vuln/detail/CVE-2023-20269
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Sep 13, 2023
- KEV Added
- Sep 13, 2023
- Due Date
- Oct 4, 2023
- Related Articles
- 0
Vendor
Cisco
Adaptive Security Appliance and Firepower Threat Defense