MEDIUM✓ PATCH🇬🇧 English

CVE-2024-20342

CVSS 5.8v3.1pub. 2024-10-23upd. 2025-08-11

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
  • Cisco Firepower Threat Defense Software

    APP
    Cisco
    7.1.07.3.0< 7.0.6.27.2.0 – 7.2.6 (bez)7.4.0 – 7.4.2 (bez)
  • Cisco Snort

    APP
    Cisco
    3.0.0.0 – 3.1.74.0 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2026-20049HIGH7.7ten sam produkt

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv...

CVE-2026-20101HIGH8.6ten sam produkt

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure ...

CVE-2026-20014HIGH7.7ten sam produkt

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could...

CVE-2026-20039HIGH8.6ten sam produkt

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and ...

CVE-2026-20103HIGH8.6ten sam produkt

A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Applianc...