CVE-2024-20426

Published Oct 23, 2024

Last updated 12 days ago

CVSS high 8.6

Overview

Description: A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.6
Impact score: 4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
ykramarz@cisco.com: CWE-476

Hype score: Not currently trending

[CVE-2024-20426: HIGH] Vulnerability in IKEv2 for Cisco ASA & FTD software allows remote attacks to cause DoS due to insufficient input validation. Upgrade software to prevent exploitation.#cybersecurity,#vulnerability https://t.co/3wvvbkRPj2 https://t.co/ib69YR1eZH
@CveFindCom
23 Oct 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BA16A6D-2747-4DAC-A30A-166F1FD906FA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "289F9874-FC01-4809-9BDA-1AF583FB60B2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74EDFC67-E4EE-4D2C-BF9F-5881C987C662"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "826869BE-4874-4BBA-9392-14851560BA10"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF52D477-3045-45D1-9FD3-12F396266463"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88E310BF-F1F6-4124-A875-81967B9B531E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B330F8F-F0DA-472C-A932-AD1D232C7DB5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BF59DAA-268C-4FCF-A0AA-7967128AEBC5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "140ED95D-173C-4ADB-A2E6-97F0D595D1AB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.53:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC9B00E1-3E50-4356-B6D9-F84BCD552402"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "552319A9-01F7-47BA-83B3-B2DD648AA07E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.3.56:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4914603C-4B1B-48F1-826C-DB803BD21F87"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AE21762-3085-4AFC-B1DE-A4562CDAC509"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "852C3478-7529-4002-8540-ABA4D556DEFC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23B8A815-5D58-4952-936E-D47B83637BEB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C98D085-E321-4BAE-AF03-ABDEDC4D24BE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C05599C9-C0DB-47C1-B145-C410076C1049"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.18.4.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BC91A59-0BFA-4DE8-B414-7558D27FBC54"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEE52F59-AABA-4069-A909-64AD5DFD2B18"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20D7966E-B02B-48C8-BF96-723DD6C25314"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA618249-E76F-4104-9326-C9F2DC8DE3D7"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C925E1F-6BD9-4CD1-8AC4-4263A9094786"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5EE76D9-6D18-4823-B6B0-E1394A4D140C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F635946-586D-4DE2-927B-300CE569C596"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "459C11B9-ABA1-472A-8CDA-9C7B4E48E943"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA060112-E2D8-4EC5-8400-D8D189A119B5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3888BB0-B529-486C-8563-392BD1C5DFD5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.19.1.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43FE3FA7-8281-4BD9-A08B-8C79D369480E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B25468E3-03F9-4C2A-B82A-F87F4FCD57E8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EC6F412-4A30-4E9A-B8DF-C4BF80E5C4B8"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA47E8EA-29F2-40F3-826E-E7295FFAD8C1"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4D303F8-E6AA-4F1C-9988-055EECD0A902"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.20.2.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DCBBA66-6D00-4D8B-86FE-81EF431A7806"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8288F62-8BEC-4318-8096-9D36817D1D80"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A617690D-92D7-4793-AEAC-15F31162D5F2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9608894-B4A7-49A1-863A-D44E53D6CE69"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FDB77ED-AB5E-475F-A5F8-515B807E99A5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BEE0323-AC5A-4570-9681-14CD9FB8FD46"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6773BC9-C84C-4249-B6C3-FD39BAAA0555"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4DFC6F7-2BA1-4F32-AD55-8BF0888FDB92"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "291705AE-7BAE-4305-BECA-204821BF467A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC683581-4B46-46A8-BBD8-CB01283641DF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC2A816A-63D6-498B-B167-BE71F0019DB1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "294D71C7-FFC3-4431-88AA-E03EFAE78CCE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA8287D0-B817-4143-BE34-B3C7FEC7BDEF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9621C619-C4F8-4906-8A24-E560C08F6921"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.2.8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB7F9C8B-35E4-459C-B31E-FCF2DAD0120E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AF82E95-C8D3-402B-BC97-29EA1771D5EA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0350CCE9-512A-4A77-8FAB-7A8F9B061170"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CC55E28-36AC-4D40-BB6D-A1B53503F5E4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66F0A624-DDE8-490C-9DA4-762CD39764B2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "901C034C-DDA4-49E1-B8B4-62F3B5C00173"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D094896F-425A-4E69-8941-41147222C42D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:firepower_threat_defense_software:7.4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30825677-8EF7-46A0-BB47-887707E007C3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References