Vulnerability Description
A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Firepower Threat Defense Software | 6.2.3 |
Related Weaknesses (CWE)
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciBroken Link
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciBroken Link
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ciVendor Advisory
- https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300Vendor Advisory
FAQ
What is CVE-2024-20351?
CVE-2024-20351 is a vulnerability with a CVSS score of 8.6 (HIGH). A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remo...
How severe is CVE-2024-20351?
CVE-2024-20351 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-20351?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Firepower Threat Defense Software.