Cisco Firepower Threat Defense vulnerabilities

CVE-2024-20431 [MEDIUM] CWE-229 CVE-2024-20431: A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) So A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device

CVE-2024-20388 [MEDIUM] CWE-202 CVE-2024-20388: A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software c A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password r

CVE-2024-20299 [MEDIUM] CWE-290 CVE-2024-20299: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due

CVE-2024-20297 [MEDIUM] CWE-290 CVE-2024-20297: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due

CVE-2024-20293 [MEDIUM] CWE-436 CVE-2024-20293: A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Applian A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occ

CVE-2024-20363 [MEDIUM] CWE-290 CVE-2024-20363: Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IP Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP

CVE-2024-20355 [MEDIUM] CWE-862 CVE-2024-20355: A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN service A vulnerability in the implementation of SAML 2.0 single sign-on (SSO) for remote access VPN services in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to successfully establish a VPN session on an affected device. This vulnerability is due to improper

CVE-2024-20261 [MEDIUM] CWE-284 CVE-2024-20261: A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive

CVE-2024-20353 [HIGH] CWE-835 CVE-2024-20353: A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) So A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking

CVE-2024-20359 [MEDIUM] CWE-94 CVE-2024-20359: A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins a A vulnerability in a legacy capability that allowed for the preloading of VPN clients and plug-ins and that has been available in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level priv

CVE-2023-20275 [MEDIUM] CWE-346 CVE-2023-20275: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to send packets with another VPN user's source IP address. This vulnerability is due to improper validation of the packet's inner source IP address after

CVE-2023-20095 [HIGH] CWE-772 CVE-2023-20095: A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could ex

CVE-2023-20063 [HIGH] CWE-94 CVE-2023-20063: A vulnerability in the inter-device communication mechanisms between devices that are running Cisco A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affect

CVE-2023-20086 [HIGH] CWE-248 CVE-2023-20086: A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco F A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sen

CVE-2023-20244 [HIGH] CWE-771 CVE-2023-20244: A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software f A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the insp

CVE-2023-20042 [HIGH] CWE-404 CVE-2023-20042: A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Softwar A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handl

CVE-2023-20083 [HIGH] CWE-835 CVE-2023-20083: A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Fir A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD managemen

CVE-2023-20267 [MEDIUM] CWE-284 CVE-2023-20267: A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attack A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restric

CVE-2023-20031 [MEDIUM] CWE-244 CVE-2023-20031: A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cis A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is acces

CVE-2023-20071 [MEDIUM] CWE-1039 CVE-2023-20071: Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could all Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP t