We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-20339

Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability



Assignercisco
Reserved2023-11-08
Published2024-10-23
Updated2024-10-24

Description

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device.



HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Product status

Default status
unknown

6.2.3
affected

6.2.3.9
affected

6.2.3.1
affected

6.2.3.2
affected

6.2.3.10
affected

6.4.0
affected

6.4.0.3
affected

6.4.0.4
affected

6.2.3.15
affected

6.2.3.6
affected

6.2.3.7
affected

6.2.3.12
affected

6.2.3.3
affected

6.2.3.11
affected

6.4.0.6
affected

6.2.3.13
affected

6.2.3.8
affected

6.2.3.4
affected

6.4.0.1
affected

6.2.3.5
affected

6.4.0.5
affected

6.2.3.14
affected

6.4.0.2
affected

6.4.0.8
affected

6.4.0.7
affected

6.6.0
affected

6.4.0.9
affected

6.2.3.16
affected

6.6.0.1
affected

6.6.1
affected

6.4.0.10
affected

6.7.0
affected

6.4.0.11
affected

6.6.3
affected

6.7.0.1
affected

6.6.4
affected

6.4.0.12
affected

6.7.0.2
affected

7.0.0
affected

6.2.3.17
affected

7.0.0.1
affected

6.6.5
affected

7.0.1
affected

7.1.0
affected

6.4.0.13
affected

6.6.5.1
affected

6.2.3.18
affected

7.0.1.1
affected

6.7.0.3
affected

6.4.0.14
affected

7.1.0.1
affected

6.6.5.2
affected

7.0.2
affected

6.4.0.15
affected

7.2.0
affected

7.0.2.1
affected

7.0.3
affected

6.6.7
affected

7.2.0.1
affected

7.0.4
affected

7.2.1
affected

7.0.5
affected

6.4.0.16
affected

7.3.0
affected

7.2.2
affected

6.6.7.1
affected

7.2.3
affected

7.3.1
affected

7.1.0.3
affected

7.2.4
affected

7.0.6
affected

7.2.5
affected

7.2.4.1
affected

7.3.1.1
affected

6.4.0.17
affected

7.0.6.1
affected

7.2.5.1
affected

6.6.7.2
affected

7.2.5.2
affected

7.3.1.2
affected

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy (cisco-sa-ftd-tls-dos-QXYE5Ufy)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO

https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300 (Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication)

cve.org CVE-2024-20339

nvd.nist.gov CVE-2024-20339

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-20339
Subscribe to our newsletter to learn more about our work.