CVE-2024-20431

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.

Severity	MEDIUM
CVSS	5.8
CWE	CWE-229
KEV
Published	1 year ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco Secure Firewall Threat Defense Virtual	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Secure Firewall Threat Defense (FTD) Software	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Secure Firewall 4200 Series	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Secure Firewall 3100 Series	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Firepower Threat Defense Software	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Firepower 9000 Series	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Firepower 4100 Series	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Firepower 2100 Series	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco Firepower 1000 Series	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco ASA 5500-X Series Firewalls	cisco-sa-ftd-geoip-bypass-MB4zRDu
Cisco 3000 Series Industrial Security Appliances (ISA)	cisco-sa-ftd-geoip-bypass-MB4zRDu