A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process. If the action in case of Cisco UTD Snort IPS Engine failure is set to the default, fail-open, successful exploitation of this vulnerability could allow the attacker to bypass configured security policies. If the action in case of Cisco UTD Snort IPS Engine failure is set to fail-close, successful exploitation of this vulnerability could cause traffic that is configured to be inspected by Cisco UTD Snort IPS Engine to be dropped.
History
Tue, 12 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | | Cisco cisco Utd Snort Ips Engine Software |
CPEs | | cpe:2.3:a:cisco:cisco_utd_snort_ips_engine_software:*:*:*:*:*:*:*:* |
Vendors & Products | | Cisco cisco Utd Snort Ips Engine Software |
Metrics | | ssvc |
Thu, 03 Oct 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | | Cisco; Cisco unified Threat Defense Snort Intrusion Prevention System Engine |
Weaknesses | | CWE-787 |
CPEs | | cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.11.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.3:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.3a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.4:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.13.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.14.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.15.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.6:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.2:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.8.1a:*:*:*:*:*:*:* cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.9.5a:*:*:*:*:*:*:* |
Vendors & Products | | Cisco; Cisco unified Threat Defense Snort Intrusion Prevention System Engine |
Wed, 25 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | | A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process. If the action in case of Cisco UTD Snort IPS Engine failure is set to the default, fail-open, successful exploitation of this vulnerability could allow the attacker to bypass configured security policies. If the action in case of Cisco UTD Snort IPS Engine failure is set to fail-close, successful exploitation of this vulnerability could cause traffic that is configured to be inspected by Cisco UTD Snort IPS Engine to be dropped. |
Title | | Cisco UTD Snort IPS Engine Software for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability |
Weaknesses | | CWE-122 |
References | | |
Metrics | | cvssV3_1 |
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2024-09-25T16:19:39.387Z
Updated: 2024-11-12T15:03:36.564Z
Reserved: 2023-11-08T15:08:07.688Z
Link: CVE-2024-20508
Vulnrichment
Updated: 2024-11-12T15:03:31.144Z
NVD
Status: Analyzed
Published: 2024-09-25T17:15:18.267
Modified: 2024-10-03T14:43:23.810
Link: CVE-2024-20508
Redhat
No data.