CVE-2024-20297

{"id": "CVE-2024-20297", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-10-23T17:15:15.437", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf", "source": "ykramarz@cisco.com"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO", "source": "ykramarz@cisco.com"}, {"url": "https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300", "source": "ykramarz@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-290"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules."}, {"lang": "es", "value": "Una vulnerabilidad en el firewall AnyConnect para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una lista de control de acceso (ACL) configurada y permita que el tr\u00e1fico que deber\u00eda haber sido denegado fluya a trav\u00e9s de un dispositivo afectado. Esta vulnerabilidad se debe a un error l\u00f3gico en el llenado de las ACL de grupo cuando un cliente AnyConnect establece una nueva sesi\u00f3n hacia un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad estableciendo una conexi\u00f3n AnyConnect con el dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante omitir las reglas de ACL configuradas."}], "lastModified": "2024-10-25T12:56:36.827", "sourceIdentifier": "ykramarz@cisco.com"}