A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.
This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.
References
Link | Resource |
---|---|
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Nov 2024, 14:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco firepower Threat Defense
Cisco |
|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:* cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:* |
|
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu - Vendor Advisory |
25 Oct 2024, 12:56
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Oct 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-23 18:15
Updated : 2024-11-05 14:47
NVD link : CVE-2024-20431
Mitre link : CVE-2024-20431
CVE.ORG link : CVE-2024-20431
JSON object : View
Products Affected
cisco
- firepower_threat_defense
CWE