CVE-2024-20260
Es bestehen mehrere Schwachstellen in Cisco Firepower und Cisco ASA (Adaptive Security Appliance). Diese Fehler betreffen mehrere Komponenten, darunter das Remote Access VPN, den DAP, das IKEv2-Protokoll, die VPN- und Management-Webserver sowie die SSL-VPN-Funktion. Diese Schwachstellen werden durch eine Reihe von Sicherheitsproblemen verursacht, darunter das Fehlen einer ordnungsgemäßen Speicherverwaltung, eine unzureichende Eingabevalidierung und eine unzureichende Entropie im Authentifizierungsprozess, was zur Erschöpfung der Ressourcen oder zum Systemabbruch führen kann. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, in einigen Fällen sogar einen gezielten.
EPSS 0.37% · 59.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco ASA (Adaptive Security Appliance) | |
| Cisco | Cisco Firepower |
Timeline
- Oct 23, 2024 Coalition ESS Score
- Oct 23, 2024 CVE Published
- Oct 24, 2024 EPSS Score
- Oct 24, 2024 PoC Published
- Oct 24, 2024 CVE Updated
- Oct 24, 2024 PoC Published
- Oct 25, 2024 Coalition ESS Score
- Nov 11, 2024 EPSS Score
- Nov 30, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
- Jan 25, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3262.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3262 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-9FgEyHsF advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-lce-vU3ekMJ3 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-priv-esc-hBS9gnwq advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-4gYEWMKg advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-nyH3fhp advisory