Cisco Firepower Threat Defense vulnerabilities

CVE-2024-20293 [MEDIUM] CWE-436 CVE-2024-20293: A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Applian A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occ

CVE-2024-20363 [MEDIUM] CWE-290 CVE-2024-20363: Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IP Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP

CVE-2024-20355 [MEDIUM] CWE-862 CVE-2024-20355: A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN service A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper

CVE-2024-20261 [MEDIUM] CWE-284 CVE-2024-20261: A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive

CVE-2024-20353 [HIGH] CWE-835 CVE-2024-20353: A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) So A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking

CVE-2024-20359 [MEDIUM] CWE-94 CVE-2024-20359: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins a A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level priv

CVE-2023-20275 [MEDIUM] CWE-346 CVE-2023-20275: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after

CVE-2023-20095 [HIGH] CWE-772 CVE-2023-20095: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could ex

CVE-2023-20063 [HIGH] CWE-94 CVE-2023-20063: A vulnerability in the inter-device communication mechanisms between devices that are running Cisco A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affect

CVE-2023-20086 [HIGH] CWE-248 CVE-2023-20086: A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco F A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sen

CVE-2023-20244 [HIGH] CWE-771 CVE-2023-20244: A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software f A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the insp

CVE-2023-20042 [MEDIUM] CWE-404 CVE-2023-20042: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session han

CVE-2023-20083 [HIGH] CWE-835 CVE-2023-20083: A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Fir A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD managemen

CVE-2023-20267 [MEDIUM] CWE-284 CVE-2023-20267: A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attack A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restric

CVE-2023-20071 [MEDIUM] CWE-1039 CVE-2023-20071: Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could all Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP t

CVE-2023-20177 [MEDIUM] CWE-244 CVE-2023-20177: A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Softwa A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists beca

CVE-2023-20246 [MEDIUM] CWE-290 CVE-2023-20246: Multiple Cisco products are affected by a vulnerability in Snort access control policies that could Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability

CVE-2023-20247 [MEDIUM] CWE-288 CVE-2023-20247: A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Soft A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to i

CVE-2023-20245 [MEDIUM] CWE-290 CVE-2023-20245: Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilit

CVE-2023-20070 [MEDIUM] CWE-244 CVE-2023-20070: A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software c A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constra