MEDIUM✓ PATCH🇵🇱 Wersja polska

CVE-2024-20342

CVSS 5.8v3.1pub. 2024-10-23upd. 2025-08-11

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
  • Cisco Firepower Threat Defense Software

    APP
    Cisco
    7.1.07.3.0< 7.0.6.27.2.0 – 7.2.6 (bez)7.4.0 – 7.4.2 (bez)
  • Cisco Snort

    APP
    Cisco
    3.0.0.0 – 3.1.74.0 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2026-20049HIGH7.7ten sam produkt

A vulnerability in the processing of Galois/Counter Mode (GCM)-encrypted Internet Key Exchange version 2 (IKEv...

CVE-2026-20101HIGH8.6ten sam produkt

A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure ...

CVE-2026-20014HIGH7.7ten sam produkt

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could...

CVE-2026-20039HIGH8.6ten sam produkt

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and ...

CVE-2026-20103HIGH8.6ten sam produkt

A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Applianc...