VDB
CVE-2024-20342
CVE-2024-20342
PUBLISHED
Es gibt eine Schwachstelle in Snort und Cisco Firepower. Die Schwachstelle betrifft die Ratenfilterfunktion der Snort Detection Engine aufgrund eines fehlerhaften Vergleichs der Anzahl der Verbindungen. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um den Ratenfilter zu umgehen, indem er Datenverkehr über ein betroffenes Gerät mit einer Rate sendet, die einen konfigurierten Ratenfilter überschreitet.
EPSS 0.05% · 17.1th percentile
Risk Scores
EPSS Score
0.05%
17.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Firepower | |
| Cisco | Cisco Firepower FTD <7.0.6.2 | |
| Open Source | Open Source Snort <3.1.74.0 | |
| Cisco | Cisco Firepower FTD <7.4.2.1 | |
| Cisco | Cisco Firepower FTD <7.2.6 | |
| Open Source | Open Source Snort 2 |
Timeline
- Oct 23, 2024 CVE Published
- Oct 23, 2024 PoC Published
- Oct 24, 2024 EPSS Score
- Oct 24, 2024 Coalition ESS Score
- Oct 25, 2024 Coalition ESS Score
- Nov 11, 2024 EPSS Score
- Nov 30, 2024 EPSS Score
- Dec 19, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
- Jan 25, 2025 EPSS Score
- Feb 12, 2025 EPSS Score
- Mar 2, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3269.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3269 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75 advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX advisory