We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-20330

Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series TCP UDP Snort 2 and Snort 2 Denial of Service Vulnerability



Description

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network. Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.

Reserved 2023-11-08 | Published 2024-10-23 | Updated 2024-10-24 | Assigner cisco


HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Problem types

Access of Memory Location After End of Buffer

Product status

Default status
unknown

7.0.0
affected

7.0.0.1
affected

7.0.1
affected

7.1.0
affected

7.0.1.1
affected

7.1.0.1
affected

7.0.2
affected

7.2.0
affected

7.0.2.1
affected

7.0.3
affected

7.2.0.1
affected

7.0.4
affected

7.2.1
affected

7.0.5
affected

7.3.0
affected

7.2.2
affected

7.2.3
affected

7.3.1
affected

7.1.0.3
affected

7.2.4
affected

7.0.6
affected

7.2.5
affected

7.2.4.1
affected

7.3.1.1
affected

7.0.6.1
affected

7.2.5.1
affected

7.4.1
affected

7.2.6
affected

7.0.6.2
affected

7.4.1.1
affected

7.2.7
affected

7.2.5.2
affected

7.3.1.2
affected

7.2.8
affected

7.4.2
affected

7.2.8.1
affected

7.0.6.3
affected

References

sec.cloudapps.cisco.com/...sco-sa-ftd2100-snort-dos-M9HuMt75 (cisco-sa-ftd2100-snort-dos-M9HuMt75)

sec.cloudapps.cisco.com/...dvisory/cisco-sa-fmc-xss-M446vbEO

sec.cloudapps.cisco.com/...enter/viewErp.x?alertId=ERP-75300 (Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication)

cve.org (CVE-2024-20330)

nvd.nist.gov (CVE-2024-20330)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-20330

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.

© Copyright 2024 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.