cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-1494,https://securityvulnerability.io/vulnerability/CVE-2021-1494,Cisco Snort Vulnerability Allows Bypass of Configured File Policy for HTTP,"A vulnerability exists within the Cisco Snort detection engine that compromises the security of HTTP file policies. This issue is attributed to the improper handling of specific HTTP header parameters, enabling an unauthenticated remote attacker to bypass established file policies. An attacker can exploit this vulnerability by sending specially crafted HTTP packets to an affected device, potentially leading to the delivery of a malicious payload. Organizations utilizing Cisco's Snort engine should take immediate measures to apply available patches and review configurations to mitigate this risk.",Cisco,"Cisco Firepower Threat Defense Software,Cisco Utd Snort Ips Engine Software",5.8,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-11-15T16:21:36.666Z,0
CVE-2021-34753,https://securityvulnerability.io/vulnerability/CVE-2021-34753,Cisco Firepower Threat Defense Software Vulnerability,"A vulnerability exists in the payload inspection process for Ethernet Industrial Protocol (ENIP) traffic in the Cisco Firepower Threat Defense (FTD) Software, which allows unauthenticated remote attackers to potentially bypass configured access control and intrusion policies. This flaw arises from inadequate processing of ENIP packets during deep packet inspection. By sending specially crafted ENIP packets to a vulnerable interface, attackers may exploit this vulnerability to evade security measures that should normally detect and drop such packets, leading to potential unauthorized access to network resources.",Cisco,Cisco Firepower Threat Defense Software,5.8,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-11-15T16:14:45.327Z,0
CVE-2021-34752,https://securityvulnerability.io/vulnerability/CVE-2021-34752,Cisco FTD Software Vulnerability Could Allow Arbitrary Commands with Root Privileges,"A vulnerability exists in the Command Line Interface (CLI) of Cisco FTD Software that enables an authenticated local user with administrative rights to execute arbitrary commands with elevated privileges on the device's underlying operating system. This issue arises from inadequate validation of the parameters provided in user commands. If an attacker successfully exploits this vulnerability by submitting specifically crafted input, they can execute commands with root-level access, thereby compromising the system's integrity. Cisco has issued software updates to remedy this vulnerability, and no workarounds are available.",Cisco,Cisco Firepower Threat Defense Software,6.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-15T16:14:36.385Z,0
CVE-2022-20685,https://securityvulnerability.io/vulnerability/CVE-2022-20685,Cisco Snort Detection Engine Vulnerability Could Lead to DoS Conditions,"A vulnerability exists within the Modbus preprocessor of the Snort detection engine which could enable an unauthenticated remote attacker to exploit the device, resulting in a denial of service condition. The root cause lies in an integer overflow that occurs when the system processes Modbus traffic. By sending specially crafted Modbus messages, an attacker can induce the Snort process to become unresponsive, leading to a halt in traffic inspection. Cisco has issued software updates addressing this vulnerability, with no applicable workarounds available.",Cisco,"Cisco Cyber Vision,Cisco Firepower Threat Defense Software,Cisco Utd Snort Ips Engine Software",7.5,HIGH,0.0004299999854993075,false,,false,false,true,2025-01-27T18:15:04.000Z,,false,false,,2024-11-15T15:36:31.261Z,0
CVE-2024-20485,https://securityvulnerability.io/vulnerability/CVE-2024-20485,Cisco ASA Software Vulnerability Could Allow Arbitrary Code Execution,"A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary code with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability is due to improper validation of a specific file when it is read from system flash memory. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device after the next reload of the device, which could alter system behavior. Because the injected code could persist across device reboots, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",6.7,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-10-26T04:15:03.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20402,https://securityvulnerability.io/vulnerability/CVE-2024-20402,Cisco ASA and FTD Devices Vulnerable to SSL/TLS Memory Management Memory Flaw,"A vulnerability exists in the SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software, allowing unauthenticated remote attackers to disrupt device operations through crafted SSL/TLS packets. This logic error in memory management can lead to unexpected device reloads, inducing a denial of service (DoS) condition. Organizations utilizing affected Cisco products should evaluate their exposure and implement relevant security measures to mitigate potential exploits.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",8.6,HIGH,0.0006099999882280827,false,,false,false,true,2024-10-24T17:15:07.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20493,https://securityvulnerability.io/vulnerability/CVE-2024-20493,Cisco Remote Access SSL VPN Vulnerability Could Lead to Temporary Denial of Service,"A vulnerability exists in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. This issue arises from inadequate management of memory resources during the authentication process. By sending specially crafted packets, an unauthenticated, remote attacker may exploit this vulnerability, leading to resource exhaustion in the authentication process. As a result, this can temporarily prevent Remote Access SSL VPN users from authenticating for several minutes, effectively creating a denial of service condition.",Cisco,Firepower Threat Defense Software,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20408,https://securityvulnerability.io/vulnerability/CVE-2024-20408,Cisco ASA Software Vulnerability - Remote Reboot Attack Possible,"A vulnerability exists in the Dynamic Access Policies (DAP) feature of Cisco's Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software. This issue arises from improper validation of data in HTTPS POST requests, which can be exploited by an authenticated remote attacker possessing valid VPN user credentials. Upon successful exploitation, the attacker can send specially crafted HTTPS POST requests to the affected device, causing it to unexpectedly reload. This behavior results in a denial of service condition, potentially disrupting services for users relying on the affected systems.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",7.7,HIGH,0.0004299999854993075,false,,false,false,true,2024-10-24T18:15:09.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20412,https://securityvulnerability.io/vulnerability/CVE-2024-20412,Unauthenticated Local Attackers Can Access Affected Systems via Static Credentials,"Cisco Firepower Threat Defense Software is exposed to a significant vulnerability that enables an unauthenticated local attacker to gain access to the system via static credentials. This vulnerability arises from hard-coded passwords embedded within static accounts on the affected devices. If exploited, an attacker could log in to the Command Line Interface (CLI) and potentially access restricted data, execute basic troubleshooting commands, modify configuration settings, or compromise the device's operational capacity, potentially rendering it inoperable and necessitating a complete reimage. This poses serious risks to network security and system integrity for affected Cisco Firepower Series devices.",Cisco,Cisco Firepower Threat Defense Software,8.4,HIGH,0.0005300000193528831,false,,false,false,true,2024-10-24T16:15:07.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20426,https://securityvulnerability.io/vulnerability/CVE-2024-20426,Cisco ASA Software Vulnerability Allows Remote Denial of Service,"A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol used for VPN termination in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software poses a risk of denial of service (DoS) attacks. This issue arises from insufficient input validation, allowing unauthenticated remote attackers to send specially crafted IKEv2 traffic to the affected devices. Exploiting this vulnerability may lead to device reloads, resulting in service interruptions. Organizations using these Cisco products must take immediate action to mitigate potential risks and safeguard their network operations. More details can be found in the advisory linked below.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",8.6,HIGH,0.0004600000102072954,false,,false,false,true,2024-10-24T16:15:07.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20407,https://securityvulnerability.io/vulnerability/CVE-2024-20407,Unauthorized Access to Network Policies Through TCP Intercept and Snort 3 Vulnerability,"A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.",Cisco,Cisco Firepower Threat Defense Software,5.8,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-10-24T17:15:07.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20384,https://securityvulnerability.io/vulnerability/CVE-2024-20384,Unauthenticated Remote Attacker Could Bypass Configured Access Control Lists,"A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",5.8,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-10-24T18:15:08.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20382,https://securityvulnerability.io/vulnerability/CVE-2024-20382,Cisco ASA and FTD Software Vulnerability to Cross-Site Scripting (XSS) Attacks,"A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",6.1,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-10-24T18:15:08.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20370,https://securityvulnerability.io/vulnerability/CVE-2024-20370,Cisco ASA Software Vulnerability allowing Elevation of Privileges,"A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need valid administrative credentials on the device to exploit this vulnerability. This vulnerability exists because certain system configurations and executable files have insecure storage and permissions. An attacker could exploit this vulnerability by authenticating on the device and then performing a series of steps that includes downloading malicious system files and accessing the Cisco FXOS CLI to configure the attack. A successful exploit could allow the attacker to obtain root access on the device.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",6,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-10-24T18:15:08.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20431,https://securityvulnerability.io/vulnerability/CVE-2024-20431,Geolocation Access Control Vulnerability Could Bypass Policy,"A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.",Cisco,Cisco Firepower Threat Defense Software,5.8,MEDIUM,0.0004600000102072954,false,,false,false,true,2024-10-24T15:15:06.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20388,https://securityvulnerability.io/vulnerability/CVE-2024-20388,Unauthenticated Password Reset Vulnerability in Cisco FMC,"A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password reset on an affected device. A successful exploit could allow the attacker to determine valid user names in the unauthenticated response to a forced password reset.",Cisco,"Cisco Firepower Management Center,Cisco Firepower Threat Defense Software",5.3,MEDIUM,0.0004600000102072954,false,,false,false,true,2024-10-24T17:15:07.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20481,https://securityvulnerability.io/vulnerability/CVE-2024-20481,Cisco RAVPN Vulnerability to DoS Attacks,"A vulnerability has been identified in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software. This vulnerability enables unauthenticated remote attackers to exploit the RAVPN service through a significant number of VPN authentication requests, leading to resource exhaustion. The resulting denial of service impacts the RAVPN functionality, potentially necessitating a device reload to restore service. Other services on the device remain unaffected by this issue. Detailed insights into these types of attacks are further explored in Cisco Talos' findings regarding large-scale brute-force activities targeting VPNs.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",5.8,MEDIUM,0.0018100000452250242,true,2024-10-24T00:00:00.000Z,true,false,true,2024-10-24T00:00:00.000Z,,false,false,,2024-10-23T18:15:00.000Z,0
CVE-2024-20297,https://securityvulnerability.io/vulnerability/CVE-2024-20297,Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect Access Control List Bypass Vulnerability,"A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",5.8,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-10-24T18:15:07.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20299,https://securityvulnerability.io/vulnerability/CVE-2024-20299,Cisco Adaptive Security Appliance and Firepower Threat Defense AnyConnect Access Control List Bypass Vulnerability,"A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",5.8,MEDIUM,0.00044999999227002263,false,,false,false,true,2024-10-24T17:15:07.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20342,https://securityvulnerability.io/vulnerability/CVE-2024-20342,Cisco Firepower Threat Defense Software Rate Filter Bypass Vulnerability,"Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.",Cisco,Cisco Firepower Threat Defense Software,5.8,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-10-24T16:15:06.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20351,https://securityvulnerability.io/vulnerability/CVE-2024-20351,Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability,"A vulnerability exists in the TCP/IP traffic handling function of Cisco's Snort Detection Engine within the Firepower Threat Defense (FTD) Software and FirePOWER Services. This flaw allows an unauthenticated, remote adversary to disrupt legitimate network activities by overwhelming the affected system with excessive TCP/IP traffic. Exploiting this vulnerability can result in a denial of service (DoS) condition, where network traffic is erroneously dropped, significantly impairing system performance. To recover from this condition, a reboot of the affected device is required.",Cisco,Cisco Firepower Threat Defense Software,8.6,HIGH,0.00044999999227002263,false,,false,false,true,2024-10-24T16:15:07.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20339,https://securityvulnerability.io/vulnerability/CVE-2024-20339,Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability,"A vulnerability exists within the TLS processing capabilities in Cisco Firepower Threat Defense (FTD) Software that affects the Cisco Firepower 2100 Series. This issue allows unauthenticated, remote attackers to exploit the TLS traffic processing, which can lead to a denial of service condition. By sending specific TLS packets over IPv4, an attacker may force an affected device to reload. Such exploitability can cause significant disruption in traffic handling, affecting network operations and security protocols in place. It is crucial for users and administrators of affected products to apply necessary mitigations and patches to safeguard their systems from potential exploitation.",Cisco,Cisco Firepower Threat Defense Software,8.6,HIGH,0.00044999999227002263,false,,false,false,true,2024-10-24T17:15:07.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20341,https://securityvulnerability.io/vulnerability/CVE-2024-20341,Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability,"A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",6.1,MEDIUM,0.0016499999910593033,false,,false,false,true,2024-10-24T18:15:08.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20268,https://securityvulnerability.io/vulnerability/CVE-2024-20268,Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability,"A vulnerability in the Simple Network Management Protocol (SNMP) feature found in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) software presents a risk where an authenticated, remote attacker can trigger an unexpected device reload. This issue stems from insufficient input validation of SNMP packets. By sending a specially crafted SNMP request and leveraging either a valid SNMP community string or SNMPv3 user credentials, an attacker could exploit this vulnerability over both IPv4 and IPv6 networks, ultimately resulting in a denial of service (DoS) condition affecting the availability of the device.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",7.7,HIGH,0.00044999999227002263,false,,false,false,true,2024-10-24T18:15:07.000Z,,false,false,,2024-10-23T17:15:00.000Z,0
CVE-2024-20331,https://securityvulnerability.io/vulnerability/CVE-2024-20331,Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Authentication DoS Vulnerability,"A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating. This vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions.",Cisco,"Cisco Adaptive Security Appliance (asa) Software,Cisco Firepower Threat Defense Software",5.9,MEDIUM,0.0004900000058114529,false,,false,false,true,2024-10-24T18:15:08.000Z,,false,false,,2024-10-23T17:15:00.000Z,0