CVE-2024-20339

CVSS V2 None CVSS V3 None

Description

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device.

Overview

CVE ID
CVE-2024-20339

Assigner
cisco

Vulnerability Status
PUBLISHED

Published Version
2024-10-23T17:09:01.598Z

Last Modified Date
2024-10-23T17:09:01.598Z

Weakness Enumerations

CWE	URL
CWE-476	http://cwe.mitre.org/data/definitions/476.html

References

Reference URL	Reference Tags
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-20339
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20339

History

Created	Old Value	New Value	Data Type	Notes
2024-10-24 13:26:47				Added to TrackCVE