Bypass Vulnerability in Cisco Snort Intrusion Prevention System

CVE-2024-20363

What is CVE-2024-20363?

A vulnerability exists in the Snort Intrusion Prevention System (IPS) rule engine of multiple Cisco products that could be exploited by an unauthenticated remote attacker. This issue arises from inadequate handling of malformed HTTP packets, enabling attackers to bypass established IPS rules. By sending crafted HTTP requests through vulnerable systems, an attacker may gain the ability to allow uninspected traffic access to the network, potentially compromising security measures in place. Organizations using affected Cisco Snort IPS versions should assess their risk and apply applicable updates.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

News Articles

Rewterz

CVE-2024-20360CVE-2024-20363

Multiple Cisco Products Vulnerabilities - Rewterz

Cisco Firepower Management Center Software is vulnerable to SQL injection.

References