CVE-2024-20342

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.  This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

Severity	MEDIUM
CVSS	5.8
CWE	CWE-1025
KEV
Published	1 year ago
Modified	9 months ago

Related Products

Product	Advisory
Cisco Secure Firewall Threat Defense Virtual	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Secure Firewall Threat Defense (FTD) Software	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Secure Firewall 4200 Series	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Secure Firewall 3100 Series	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Firepower Threat Defense Software	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Firepower 9000 Series	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Firepower 4100 Series	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Firepower 2100 Series	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco Firepower 1000 Series	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco ASA 5500-X Series Firewalls	cisco-sa-snort-rf-bypass-OY8f3pnM
Cisco 3000 Series Industrial Security Appliances (ISA)	cisco-sa-snort-rf-bypass-OY8f3pnM