CVE-2024-20402

CWE-7884 documents4 sources

Severity

8.6HIGH

EPSS

0.8%

top 25.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Cisco Adaptive Security Appliance (asa) Software Cisco Cisco Firepower Threat Defense Software Cisco Adaptive Security Appliance Software +1 more

Timeline

PublishedOct 23

Description

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN …

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages4 packages

▶NVDcisco/adaptive_security_appliance_software195 versions+194

▶CVEListV5cisco/cisco_firepower_threat_defense_software87 versions+86

▶CVEListV5cisco/cisco_adaptive_security_appliance_(asa)_software195 versions+194

▶NVDcisco/firepower_threat_defense87 versions+86

🔴Vulnerability Details

GHSA

GHSA-2jcv-f397-c9m8: A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could al↗2024-10-23

▶

CVEList

CVE-2024-20402: A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could al↗2024-10-23

▶

📋Vendor Advisories

Cisco

Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL VPN Memory Management Denial of Service Vulnerability↗2024-10-23

▶