CVE-2024-20342

Name
CVE-2024-20342
Description
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to bypass the rate filter, which could allow unintended traffic to enter the network protected by the affected device.
NVD Severity
unknown

References

Type URI
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| | cisco-firepower-threat-defense-software | == 6.7.0 | == 6.7.0 |
| | cisco-firepower-threat-defense-software | == 6.7.0.1 | == 6.7.0.1 |
| | cisco-firepower-threat-defense-software | == 6.7.0.2 | == 6.7.0.2 |
| | cisco-firepower-threat-defense-software | == 7.0.0 | == 7.0.0 |
| | cisco-firepower-threat-defense-software | == 7.0.0.1 | == 7.0.0.1 |
| | cisco-firepower-threat-defense-software | == 7.0.1 | == 7.0.1 |
| | cisco-firepower-threat-defense-software | == 7.1.0 | == 7.1.0 |
| | cisco-firepower-threat-defense-software | == 7.0.1.1 | == 7.0.1.1 |
| | cisco-firepower-threat-defense-software | == 6.7.0.3 | == 6.7.0.3 |
| | cisco-firepower-threat-defense-software | == 7.1.0.1 | == 7.1.0.1 |
| | cisco-firepower-threat-defense-software | == 7.0.2 | == 7.0.2 |
| | cisco-firepower-threat-defense-software | == 7.2.0 | == 7.2.0 |
| | cisco-firepower-threat-defense-software | == 7.0.2.1 | == 7.0.2.1 |
| | cisco-firepower-threat-defense-software | == 7.0.3 | == 7.0.3 |
| | cisco-firepower-threat-defense-software | == 7.1.0.2 | == 7.1.0.2 |
| | cisco-firepower-threat-defense-software | == 7.2.0.1 | == 7.2.0.1 |
| | cisco-firepower-threat-defense-software | == 7.0.4 | == 7.0.4 |
| | cisco-firepower-threat-defense-software | == 7.2.1 | == 7.2.1 |
| | cisco-firepower-threat-defense-software | == 7.0.5 | == 7.0.5 |
| | cisco-firepower-threat-defense-software | == 7.3.0 | == 7.3.0 |
| | cisco-firepower-threat-defense-software | == 7.2.2 | == 7.2.2 |
| | cisco-firepower-threat-defense-software | == 7.2.3 | == 7.2.3 |
| | cisco-firepower-threat-defense-software | == 7.3.1 | == 7.3.1 |
| | cisco-firepower-threat-defense-software | == 7.1.0.3 | == 7.1.0.3 |
| | cisco-firepower-threat-defense-software | == 7.2.4 | == 7.2.4 |
| | cisco-firepower-threat-defense-software | == 7.0.6 | == 7.0.6 |
| | cisco-firepower-threat-defense-software | == 7.2.5 | == 7.2.5 |
| | cisco-firepower-threat-defense-software | == 7.2.4.1 | == 7.2.4.1 |
| | cisco-firepower-threat-defense-software | == 7.3.1.1 | == 7.3.1.1 |
| | cisco-firepower-threat-defense-software | == 7.4.0 | == 7.4.0 |
| | cisco-firepower-threat-defense-software | == 7.0.6.1 | == 7.0.6.1 |
| | cisco-firepower-threat-defense-software | == 7.2.5.1 | == 7.2.5.1 |
| | cisco-firepower-threat-defense-software | == 7.4.1 | == 7.4.1 |
| | cisco-firepower-threat-defense-software | == 7.4.1.1 | == 7.4.1.1 |
| | cisco-firepower-threat-defense-software | == 7.2.5.2 | == 7.2.5.2 |
| | cisco-firepower-threat-defense-software | == 7.3.1.2 | == 7.3.1.2 |
| `cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*` | firepower-threat-defense-software | >= 6.7.0 | <= 7.4.1.1 |
| `cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*` | snort | >= 3.0.0.0 | < 3.1.74.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| snort | 3.19-main | 3.1.73.0-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |