Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability
CVE-2024-20268

7.7 HIGH

Key Information:

Badges

👾 Exploit Exists

Summary

A vulnerability in the Simple Network Management Protocol (SNMP) feature found in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software presents a risk where an authenticated, remote attacker can trigger an unexpected device reload. This issue stems from insufficient input validation of SNMP packets. By sending a specially crafted SNMP request and leveraging either a valid SNMP community string or SNMPv3 user credentials, an attacker could exploit this vulnerability over both IPv4 and IPv6 networks, ultimately resulting in a denial of service (DoS) condition affecting the availability of the device.

Affected Version(s)

Cisco Adaptive Security Appliance (ASA) Software 9.14.1

Cisco Adaptive Security Appliance (ASA) Software 9.14.1.10

Cisco Adaptive Security Appliance (ASA) Software 9.14.1.6

CVSS V3.1

Score: 7.7
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published