Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability
CVE-2024-20339

8.6 HIGH

Key Information:

Vendor: Cisco
CVE Published: 23 October 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in the TLS processing of Cisco Firepower Threat Defense (FTD) Software affects the Cisco Firepower 2100 Series. An unauthenticated, remote attacker can abuse the TLS traffic processing to cause a denial of service condition: by sending specific TLS packets over IPv4, the attacker may force an affected device to reload. A reload can significantly disrupt traffic handling, affecting network operations and the security protocols in place. Users and administrators of affected products should apply the necessary mitigations and patches to protect their systems from exploitation.

Affected Version(s)

Cisco Firepower Threat Defense Software 6.2.3

Cisco Firepower Threat Defense Software 6.2.3.9

Cisco Firepower Threat Defense Software 6.2.3.1

CVSS V3.1

Score: 8.6
Severity: HIGH
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • 👾 Exploit known to exist

  • Vulnerability published