CVE-2024-20342

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

CVSS v3 5.8 MEDIUM

5.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

Configurations

No configuration.

History

25 Oct 2024, 12:56

Type	Values Removed	Values Added
Summary		(es) Varios productos de Cisco se ven afectados por una vulnerabilidad en la función de filtrado de velocidad del motor de detección Snort que podría permitir que un atacante remoto no autenticado eluda un filtro de limitación de velocidad configurado. Esta vulnerabilidad se debe a una comparación incorrecta del recuento de conexiones. Un atacante podría aprovechar esta vulnerabilidad enviando tráfico a través de un dispositivo afectado a una velocidad que supere un filtro de velocidad configurado. Una explotación exitosa podría permitir que el atacante eluda con éxito el filtro de velocidad. Esto podría permitir que el tráfico no deseado ingrese a la red protegida por el dispositivo afectado.

23 Oct 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-23 17:15

Updated : 2024-10-25 12:56

NVD link : CVE-2024-20342

Mitre link : CVE-2024-20342

CVE.ORG link : CVE-2024-20342

JSON object : View

Products Affected

No product.

CWE

CWE-1025

Comparison Using Wrong Factors

5.8 /10