CVE-2024-20363

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

CVSS

No CVSS.

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd	Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.1a:::::::*
	cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.2:::::::*
	cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.4:::::::*
	cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.5:::::::*

Configuration 3 (hide)

cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*

History

03 Jul 2025, 17:19

Type	Values Removed	Values Added
CPE		cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.4:::::::* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.1a:::::::* cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:::::::* cpe:2.3:a:cisco:snort:::::::: cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.2:::::::* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.5:::::::*
First Time		Cisco unified Threat Defense Snort Intrusion Prevention System Engine Cisco snort Cisco Cisco firepower Threat Defense
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd -~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd - Vendor Advisory

22 May 2024, 17:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-22 17:16

Updated : 2025-07-03 17:19

NVD link : CVE-2024-20363

Mitre link : CVE-2024-20363

JSON object : View

Products Affected

cisco

firepower_threat_defense
unified_threat_defense_snort_intrusion_prevention_system_engine
snort

CWE

No CWE.

JSON object

Attach tags to CVE-2024-20363

Attach tags to `CVE-2024-20363`