CVE-2024-20363 Vulnerability Details

  /     /     /  

CVE-2024-20363 Metadata Quick Info

CVE Published: 22/05/2024 | CVE Updated: 01/08/2024 | CVE Year: 2024
Source: cisco | Vendor: Cisco | Product: Cisco Firepower Threat Defense Software
Status : PUBLISHED

---

CVE-2024-20363 Description

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

Metrics

CVSS Version: 3.1 | Base Score: 5.8 MEDIUM
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* NONE
    User Interaction (UI)* NONE
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* NONE
    Integrity Impact (I)* LOW
    Availability Impact (A)* NONE

Weakness Enumeration (CWE)

CWE-ID: CWE-290
CWE Name: Authentication Bypass by Spoofing
Source: Cisco

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).