How severe is CVE-2023-20071?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2023-20071?

This is classified as CWE-1039, which is a common weakness in software security.

CVE-2023-20071

MEDIUM Year: 2023

CVSS v3 Score

5.8

Medium

Weakness Type

CWE-1039

View all →

Vulnerability Description

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

CVE-2025-26644

MEDIUM

CVSS:5.1(Medium)

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

CWE-10392025

CVE-2025-26644

MEDIUM

CVSS:5.1(Medium)

Automated recognition mechanism with inadequate detection or handling of adversarial input perturbations in Windows Hello allows an unauthorized attacker to perform spoofing locally.

CWE-10392025

CVE-2025-3578

CRITICAL

A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or d...

CWE-10392025

CVE-2023-20071

Vulnerability Description

Related Vulnerabilities

CVE-2025-26644

CVE-2025-26644

CVE-2025-3578