CVE-2024-20339

Published Oct 23, 2024

Last updated 23 days ago

CVSS high 8.6

Overview

Description
A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device.
Source
ykramarz@cisco.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.6
Impact score
4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity
HIGH

Weaknesses

ykramarz@cisco.com
CWE-476

Social media

Hype score
Not currently trending

  1. [CVE-2024-20339: HIGH] Critical cyber security alert: Cisco Firepower Threat Defense Software vulnerability in TLS processing feature allows remote DoS attack. Update systems to prevent unauthorized access now.#cybersecurity,#vulnerability https://t.co/9BoZmJbowa https://t.co/yOq

    @CveFindCom

    23 Oct 2024

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References