CVE-2024-20351

Severity: 7.5 HIGH
EPSS: 1.4% (top 19.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 23

Description

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 4.0

Affected Packages (2 packages)

🔴 Vulnerability Details (2)

CVEList: Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability (2024-10-23)
GHSA: GHSA-4qrp-r28g-j2vf: A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FireP (2024-10-23)

📋 Vendor Advisories (1)

Cisco: Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability (2024-10-23)
CVE-2024-20351 (HIGH CVSS 7.5) | A vulnerability in the TCP/IP traff | cvebase.io