CVE-2024-20351

Published Oct 23, 2024

Last updated 23 days ago

CVSS high 8.6

Overview

Description
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.
Source
ykramarz@cisco.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.6
Impact score
4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity
HIGH

Weaknesses

ykramarz@cisco.com
CWE-400

Social media

Hype score
Not currently trending

  1. [CVE-2024-20351: HIGH] A vulnerability in Cisco Firepower Threat Defense software could lead to a denial of service attack if exploited. Attackers can cause legitimate network traffic to be dropped remotely.#cybersecurity,#vulnerability https://t.co/TcNqo23aNX https://t.co/3J80Bt

    @CveFindCom

    23 Oct 2024

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References