cbcvebase.
CVE-2024-20353
published 2024-04-24

CVE-2024-20353: A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software…

high8.6CVSS 3.1
AVNACLPRNUINSCCNINAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2024-05-01
Exploited in the wild
A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

Affected

535 ranges· showing 25
VendorProductVersion rangeFixed in
ciscoadaptive_security_appliance_and_firepower_threat_defense
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software
ciscoadaptive_security_appliance_software

CVSS provenance

nvdv3.18.6HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
vulncheck8.6HIGH
cisa8.6HIGH