CVE-2024-20342

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-20342
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

8.6 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*
History

11 Aug 2025, 14:23

Type Values Removed Values Added
CPE cpe:2.3:a:cisco:firepower_threat_defense_software:7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*
References () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM - () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM - Vendor Advisory
First Time Cisco firepower Threat Defense Software
Cisco snort
Cisco
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.6

13 Jan 2025, 18:15

Type Values Removed Values Added
References
  • {'url': 'https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO', 'name': 'https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO', 'tags': [], 'refsource': ''}
  • {'url': 'https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq', 'name': 'https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq', 'tags': [], 'refsource': ''}
  • {'url': 'https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300', 'name': 'Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication', 'tags': [], 'refsource': ''}
Summary Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device. Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

23 Oct 2024, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-23 17:15

Updated : 2025-08-11 14:23

NVD link : CVE-2024-20342

Mitre link : CVE-2024-20342

JSON object : View

Products Affected

cisco

  • firepower_threat_defense_software
  • snort
CWE

No CWE.