CVE-2024-20342

CWE-10254 documents4 sources

Severity

8.6HIGH

EPSS

0.1%

top 83.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firepower Threat Defense Software Cisco Snort Cisco Cisco Firepower Threat Defense Software

Timeline

PublishedOct 23

Description

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the r…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶NVDcisco/snort3.0.0.0 — 3.1.74.0

▶NVDcisco/firepower_threat_defense_software7.2.0 — 7.2.6+4

▶CVEListV5cisco/cisco_firepower_threat_defense_software32 versions+31

🔴Vulnerability Details

CVEList

Cisco Firepower Threat Defense Software Rate Filter Bypass Vulnerability↗2024-10-23

▶

GHSA

GHSA-hf42-4qwp-gc9r: Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticate↗2024-10-23

▶

📋Vendor Advisories

Cisco

Multiple Cisco Products Snort Rate Filter Bypass Vulnerability↗2024-10-23

▶