
Cloud Vulnerability DB
A community-led vulnerabilities database
A vulnerability (CVE-2023-20275) was discovered in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. The vulnerability was disclosed on December 5, 2023, and received a CVSS v3.1 base score of 4.1 (Medium). This security flaw affects systems with the AnyConnect SSL VPN feature enabled, while the AnyConnect clientless SSL VPN feature remains unaffected (Cisco Advisory).
The vulnerability stems from improper validation of the packet's inner source IP address after decryption in the AnyConnect SSL VPN feature. The issue is classified as CWE-346 (Origin Validation Error). The vulnerability received a CVSS v3.1 Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N, indicating network accessibility, low attack complexity, and required user interaction (Cisco Advisory, NVD).
Successful exploitation allows an authenticated, remote attacker to send packets that impersonate another VPN user's source IP address. The attacker cannot receive return packets, however, which limits the scope of potential abuse (Cisco Advisory).
Cisco has released software updates that address this vulnerability; no workarounds are available. Organizations using affected products, including customers with service contracts, should obtain the fixed software through their regular update channels (Cisco Advisory).
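To make the origin-validation failure concrete, the following is an added example, not Cisco's code or the page's own: it models a VPN head end's session table and shows the decrypted-packet check that the CWE-346 description implies, beside the unvalidated behaviour. The names VpnSession, check_inner_source, return_session and the 10.8.0.0/24 and 192.0.2.0/24 addresses are assumptions for the demo.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Optional

@dataclass
class VpnSession:
    """One authenticated SSL VPN session (hypothetical model of the head end's table)."""
    session_id: str
    username: str
    assigned_ip: str  # inner address the head end assigned to this client

def build_ipv4(src: str, dst: str, payload: bytes = b"") -> bytes:
    """Constructed minimal IPv4 header (no options, checksum left at zero) for the demo."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    return header + payload

def inner_source_ip(decrypted: bytes) -> str:
    """Parse the IPv4 header of a decrypted tunnel payload and return its source address."""
    if len(decrypted) < 20 or decrypted[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    return str(ipaddress.IPv4Address(decrypted[12:16]))

def check_inner_source(session: VpnSession, decrypted: bytes, enforce: bool) -> str:
    """Decide 'forward' or 'drop' for a decrypted packet received on `session`.

    enforce=False models the CWE-346 behaviour: the inner source address is
    trusted as-is after decryption. enforce=True is the fixed behaviour: the
    inner source must be the address assigned to the session that carried it.
    """
    src = inner_source_ip(decrypted)
    if enforce and src != session.assigned_ip:
        return "drop"  # mismatched inner source: log session_id, username and src
    return "forward"

def return_session(sessions: list, reply: bytes) -> Optional[VpnSession]:
    """Route a reply by its destination: it reaches the session that owns that
    address, which is why a sender using someone else's address sees no return traffic."""
    dst = str(ipaddress.IPv4Address(reply[16:20]))
    return next((s for s in sessions if s.assigned_ip == dst), None)

if __name__ == "__main__":
    sessions = [VpnSession("s-1", "userA", "10.8.0.9"), VpnSession("s-2", "userB", "10.8.0.5")]
    mismatched = build_ipv4("10.8.0.9", "192.0.2.10")  # arrives on s-2 but carries s-1's address
    print(check_inner_source(sessions[1], mismatched, enforce=False))  # forward (unvalidated)
    print(check_inner_source(sessions[1], mismatched, enforce=True))   # drop (validated)
    print(return_session(sessions, build_ipv4("192.0.2.10", "10.8.0.9")).username)  # userA
```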
Source: This report was generated using AI