Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to cisco - unified_threat_defense_snort_intrusion_prevention_system_engine

Vulnerability from fkie_nvd

Published

2024-11-15 16:15

Modified

2025-06-24 14:47

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

References

▶	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ	Not Applicable
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	cyber_vision	3.0.0
cisco	cyber_vision	3.0.1
cisco	cyber_vision	3.0.2
cisco	cyber_vision	3.0.3
cisco	cyber_vision	3.0.4
cisco	cyber_vision	3.0.5
cisco	cyber_vision	3.0.6
cisco	cyber_vision	3.1.0
cisco	cyber_vision	3.1.1
cisco	cyber_vision	3.1.2
cisco	cyber_vision	3.2.0
cisco	cyber_vision	3.2.1
cisco	cyber_vision	3.2.2
cisco	cyber_vision	3.2.3
cisco	cyber_vision	3.2.4
cisco	cyber_vision	4.0.0
cisco	cyber_vision	4.0.1
cisco	firepower_threat_defense	6.2.3
cisco	firepower_threat_defense	6.2.3.1
cisco	firepower_threat_defense	6.2.3.2
cisco	firepower_threat_defense	6.2.3.3
cisco	firepower_threat_defense	6.2.3.4
cisco	firepower_threat_defense	6.2.3.5
cisco	firepower_threat_defense	6.2.3.6
cisco	firepower_threat_defense	6.2.3.7
cisco	firepower_threat_defense	6.2.3.8
cisco	firepower_threat_defense	6.2.3.9
cisco	firepower_threat_defense	6.2.3.10
cisco	firepower_threat_defense	6.2.3.11
cisco	firepower_threat_defense	6.2.3.12
cisco	firepower_threat_defense	6.2.3.13
cisco	firepower_threat_defense	6.2.3.14
cisco	firepower_threat_defense	6.2.3.15
cisco	firepower_threat_defense	6.2.3.16
cisco	firepower_threat_defense	6.2.3.17
cisco	firepower_threat_defense	6.2.3.18
cisco	firepower_threat_defense	6.4.0
cisco	firepower_threat_defense	6.4.0.1
cisco	firepower_threat_defense	6.4.0.2
cisco	firepower_threat_defense	6.4.0.3
cisco	firepower_threat_defense	6.4.0.4
cisco	firepower_threat_defense	6.4.0.5
cisco	firepower_threat_defense	6.4.0.6
cisco	firepower_threat_defense	6.4.0.7
cisco	firepower_threat_defense	6.4.0.8
cisco	firepower_threat_defense	6.4.0.9
cisco	firepower_threat_defense	6.4.0.10
cisco	firepower_threat_defense	6.4.0.11
cisco	firepower_threat_defense	6.4.0.12
cisco	firepower_threat_defense	6.6.0
cisco	firepower_threat_defense	6.6.0.1
cisco	firepower_threat_defense	6.6.1
cisco	firepower_threat_defense	6.6.3
cisco	firepower_threat_defense	6.6.4
cisco	firepower_threat_defense	6.6.5
cisco	firepower_threat_defense	6.7.0
cisco	firepower_threat_defense	6.7.0.1
cisco	firepower_threat_defense	6.7.0.2
cisco	firepower_threat_defense	6.7.0.3
cisco	firepower_threat_defense	7.0.0
cisco	firepower_threat_defense	7.0.0.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	3.17.0s
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	3.17.1s
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.7a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.9
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.6.10
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	16.12.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.1.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.2.1r
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.3.4a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.1b
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.4.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.5.1
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.5.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.7.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.7
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	denali-16.3.9
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	everest-16.6.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.7
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	fuji-16.9.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3297323C-B263-45EA-90CE-2B8415C9E498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "797AD8A4-083B-4A9E-A49D-65EE828E1637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB16212-A9DC-4C8C-B220-9619C65436EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C64043F-1F0D-47F7-AEEE-309B239891DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7605B088-A708-40D3-806B-D7E460AE53DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F7F871-C211-4DC6-8020-1075405BAE17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "30E42800-B7C9-4006-8B7A-5A9A5F5EB234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE33F541-232E-4432-AB41-EC0500A85E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5B5FDC-79B2-447E-816F-1F630508A889",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B806EAC6-E1B2-40FB-9B2F-6AFB4A16AF89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7BAC55C-C114-4E64-BC9E-9000B8C016CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "925E6B9B-F7F1-4ED8-8431-282A1061B527",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10EDC3E-0EF6-47DD-834D-51C5BBCC13EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5F799E-6696-4391-9B58-06715FA4086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE31D26B-CD47-4853-B1C3-2E50B0882AFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758714C-4E9A-4442-9AD1-82D8E43995C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F63C0E4-99A9-4D4F-BCF9-EF5F5455C04C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:3.17.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE3E6C71-2A80-45CE-8113-38AE35749E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:3.17.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D6BEE46-D928-4214-A2C9-88AC63DFE2FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12C50D98-0CAE-4E61-BFFC-8E91A97BED35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "162956CE-1B24-41C6-A7C5-BCA214587CD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "146D7432-4357-409A-8E6D-C9D04CF43ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "540DBCF6-3733-4E0C-94C9-58B98D13E35D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "68BB8A38-693D-4768-A917-81FF9E898AEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "90BCC057-5064-4FE5-B2C8-2EB14A59D763",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7C20FF-6587-4E62-9318-03B4C61AC70C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0536C6-5F9E-48A7-A004-F0F5FE9C83E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "11FF3577-FC7E-4CAE-8B06-CAFAB97D7D7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F8DC147-FB97-4364-9520-6E69C282424F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "88D51165-6AF2-4E61-83DC-D04EC90ED435",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:16.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC483F1B-D09E-486A-99FF-D7C0872C5CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA2C618-C2DA-4194-869D-1F0198A361B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.2.1r:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEB2A57-CF8F-4E87-939A-5B3EF7E5E0A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA9E488-2A54-4226-B413-89D141362350",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "359EDE5C-4017-487A-B3D3-F22A42165E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D024AF06-DCB5-44B4-A985-07EDC093DBB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "373F1DDC-E1A7-496F-A86D-3724266D3143",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.3.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "A28594C9-139A-4EE4-81D9-C7E96A1DD886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "018F06B0-1486-4822-B2EA-4449652919EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADEC96FA-5B14-43AD-B83A-AA630941DD5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3B1688-5301-4799-9AAC-DC7ED4497AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B5FDEDF-B870-4204-BADC-92805F431BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A61788-FA7B-4506-90DF-17ED5053C3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "245ED9C3-4B16-4CC1-BC78-B4AED938C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D39700C2-E83C-4ECE-9640-CEFBDD18DC4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CC7F6B1-FD0C-4D68-9DA2-B34096899C0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C52FF5-F2A8-41DD-A584-FD16CE143329",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A629FCAF-0F3C-43C9-8BDB-68D9EE675A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E8F55F7-9FF4-4A97-925C-F828701BA18E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:denali-16.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACE7D048-0D0B-4E48-8E57-192B02F5CD1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7B2DC4-3971-4D60-B9F9-282332E6CBEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B88058B-F68D-4901-8BB0-30E8BE9A98B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:everest-16.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7271541D-6563-4DE7-9085-E6CB66583C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C956E85E-B778-43E3-ABBE-4C373FF474A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A31CEA23-B824-4D43-9FED-16071985C822",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E59FDC96-71AC-4FC7-BA0A-1EAC301362D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DADBCC11-AF7D-41EA-B88F-F4B72F90B258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "32867BBF-E973-4B9E-895A-4E75C5F7F35F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B13ACF4-20B5-4DC8-BDDA-144AFA1DFD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:fuji-16.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D94B404-B1F4-42D4-ACF6-4F84F2B34F80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el preprocesador Modbus del motor de detecci\u00f3n Snort podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a un desbordamiento de enteros durante el procesamiento del tr\u00e1fico Modbus. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico Modbus manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque que el proceso Snort se bloquee, lo que provocar\u00eda que se detenga la inspecci\u00f3n del tr\u00e1fico. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad."
    }
  ],
  "id": "CVE-2022-20685",
  "lastModified": "2025-06-24T14:47:25.657",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-15T16:15:21.910",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-05-22 17:16

Modified

2025-07-03 17:19

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Summary

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

References

▶	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	firepower_threat_defense	7.4.0
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.5
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.2
cisco	snort	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DCBE28-910B-418E-AD93-EA0BB69913D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EED24474-335B-4595-A4B1-A2F1E9590AFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC4D3D8-4391-4ED6-B27B-EF47C96904CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60AE1B18-3CEB-45B3-A43D-3C6DCC1F20F3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:snort:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F36998E8-E48F-4EE5-84C0-31DE3956F313",
              "versionEndExcluding": "3.1.69.0",
              "versionStartIncluding": "3.0.0-233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network."
    },
    {
      "lang": "es",
      "value": "Varios productos de Cisco se ven afectados por una vulnerabilidad en el motor de reglas del Snort Intrusion Prevention System (IPS) que podr\u00eda permitir a un atacante remoto no autenticado eludir las reglas configuradas en un sistema afectado. Esta vulnerabilidad se debe a un manejo incorrecto de paquetes HTTP. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando paquetes HTTP manipulados a trav\u00e9s de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante eludir las reglas IPS configuradas y permitir el ingreso de tr\u00e1fico no inspeccionado a la red."
    }
  ],
  "id": "CVE-2024-20363",
  "lastModified": "2025-07-03T17:19:51.450",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-22T17:16:13.950",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-ips-bypass-uE69KBMd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2024-09-25 17:15

Modified

2024-10-03 14:43

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Summary

A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process. If the action in case of Cisco UTD Snort IPS Engine failure is set to the default, fail-open, successful exploitation of this vulnerability could allow the attacker to bypass configured security policies. If the action in case of Cisco UTD Snort IPS Engine failure is set to fail-close, successful exploitation of this vulnerability could cause traffic that is configured to be inspected by Cisco UTD Snort IPS Engine to be dropped.

References

▶	URL	Tags
	psirt@cisco.com	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-utd-snort3-dos-bypas-b4OUEwxD	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.6.6
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.7.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.7.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.8.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.9.5a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.11.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.2
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.3
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.3a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.12.4
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.13.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.14.1a
cisco	unified_threat_defense_snort_intrusion_prevention_system_engine	17.15.1a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "245ED9C3-4B16-4CC1-BC78-B4AED938C0B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC21847D-908F-45C0-9A97-E77DE1C4A8D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBCF8B3B-1F42-43CF-A328-9381BA459262",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D39700C2-E83C-4ECE-9640-CEFBDD18DC4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA09D285-3016-4042-9078-F94254C330B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.8.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0286B57C-2E00-48F9-B3B4-E2EF3E874218",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.9.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D247882B-DDA4-47A6-A2B0-2AFFCB94F133",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.11.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F45D0BD-724A-4D44-9192-D52FAF2E51FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FC4D3D8-4391-4ED6-B27B-EF47C96904CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60AE1B18-3CEB-45B3-A43D-3C6DCC1F20F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F4AA555-A8AD-4EF1-BDED-CCB550AA7560",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "158ADFDB-D308-40AA-A445-BB9AF2F2414B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F44916C-A0B3-40B1-B9E5-ACED3A0ECC80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.13.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3E7D96-E406-4CB5-91FC-A0FD5D94A876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.14.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "07AAFFE0-B85D-4A62-894B-20A05973CC5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:unified_threat_defense_snort_intrusion_prevention_system_engine:17.15.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7842C05A-F9DE-49A7-8478-A1EF324C593D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process.  If the action in case of Cisco UTD Snort IPS Engine failure is set to the default, fail-open, successful exploitation of this vulnerability could allow the attacker to bypass configured security policies. If the action in case of Cisco UTD Snort IPS Engine failure is set to fail-close, successful exploitation of this vulnerability could cause traffic that is configured to be inspected by Cisco UTD Snort IPS Engine to be dropped."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine para Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado omita las pol\u00edticas de seguridad configuradas o provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de las solicitudes HTTP cuando son procesadas por Cisco UTD Snort IPS Engine. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante activar una recarga del proceso Snort. Si la acci\u00f3n en caso de falla de Cisco UTD Snort IPS Engine est\u00e1 configurada en la predeterminada, fail-open, la explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda permitir al atacante omitir las pol\u00edticas de seguridad configuradas. Si la acci\u00f3n en caso de falla de Cisco UTD Snort IPS Engine est\u00e1 configurada en fail-close, la explotaci\u00f3n exitosa de esta vulnerabilidad podr\u00eda hacer que se descarte el tr\u00e1fico que est\u00e1 configurado para ser inspeccionado por Cisco UTD Snort IPS Engine."
    }
  ],
  "id": "CVE-2024-20508",
  "lastModified": "2024-10-03T14:43:23.810",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-09-25T17:15:18.267",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-utd-snort3-dos-bypas-b4OUEwxD"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2024-20508 (GCVE-0-2024-20508)

Vulnerability from cvelistv5

Published

2024-09-25 16:19

Modified

2024-11-12 15:03

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-122 - Heap-based Buffer Overflow

Summary

References

►

URL

	Vendor	Product	Version
	Cisco	Cisco UTD SNORT IPS Engine Software	Version: 17.12.1a Version: 17.12.2 Version: 17.13.1a Version: 17.12.3 Version: 17.12.3a Version: 17.15.1a Version: 17.9.5a Version: 17.6.1a Version: 17.8.1a Version: 17.6.2 Version: 17.7.2 Version: 17.12.4 Version: 17.14.1a Version: 17.11.1a Version: 17.7.1a Version: 17.6.6

CVE-2022-20685 (GCVE-0-2022-20685)

Vulnerability from cvelistv5

Published

2024-11-15 15:36

Modified

2025-01-27 17:48

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Summary

References

►

URL

Tags

	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ

Impacted products

Vendor

Product

Version

►

Cisco

Cisco Cyber Vision

Version: 3.0.0
Version: 3.0.2
Version: 3.0.3
Version: 3.0.1
Version: 3.1.0
Version: 3.0.4
Version: 3.1.1
Version: 3.1.2
Version: 3.2.0
Version: 3.0.5
Version: 3.2.1
Version: 3.0.6
Version: 3.2.2
Version: 3.2.3
Version: 3.2.4
Version: 4.0.0
Version: 4.0.1

	Cisco	Cisco Firepower Threat Defense Software	Version: 6.2.3.14 Version: 6.4.0.1 Version: 6.2.3.7 Version: 6.2.3 Version: 6.4.0.2 Version: 6.2.3.9 Version: 6.2.3.1 Version: 6.2.3.2 Version: 6.4.0.5 Version: 6.2.3.10 Version: 6.4.0 Version: 6.4.0.3 Version: 6.2.3.6 Version: 6.4.0.4 Version: 6.2.3.15 Version: 6.2.3.5 Version: 6.2.3.4 Version: 6.2.3.3 Version: 6.2.3.8 Version: 6.4.0.6 Version: 6.2.3.11 Version: 6.2.3.12 Version: 6.2.3.13 Version: 6.4.0.7 Version: 6.4.0.8 Version: 6.6.0 Version: 6.4.0.9 Version: 6.2.3.16 Version: 6.6.0.1 Version: 6.6.1 Version: 6.4.0.10 Version: 6.7.0 Version: 6.4.0.11 Version: 6.6.3 Version: 6.7.0.1 Version: 6.6.4 Version: 6.4.0.12 Version: 6.7.0.2 Version: 7.0.0 Version: 6.2.3.17 Version: 7.0.0.1 Version: 6.6.5 Version: 6.2.3.18 Version: 6.7.0.3
	Cisco	Cisco UTD SNORT IPS Engine Software	Version: 3.17.1S Version: 16.12.3 Version: Fuji-16.9.5 Version: 16.12.4 Version: 17.3.1a Version: 16.6.6 Version: 16.12.2 Version: Fuji-16.9.6 Version: 3.17.0S Version: Fuji-16.9.3 Version: Denali-16.3.7 Version: Fuji-16.9.2 Version: Fuji-16.9.4 Version: Everest-16.6.4 Version: Everest-16.6.3 Version: 16.6.5 Version: Denali-16.3.5 Version: 17.2.1r Version: 17.1.1 Version: Everest-16.6.2 Version: 16.6.7a Version: Denali-16.3.4 Version: 16.6.1 Version: Denali-16.3.9 Version: Denali-16.3.3 Version: 16.12.1a Version: 17.3.2 Version: 17.4.1a Version: 16.12.5 Version: 17.5.1 Version: Fuji-16.9.7 Version: 16.6.9 Version: 17.3.3 Version: 17.5.1a Version: 17.3.4 Version: 17.3.4a Version: 17.4.2 Version: 17.4.1b Version: 17.6.1a Version: 16.6.10 Version: 17.7.1a Version: 16.12.6 Version: Fuji-16.9.8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-20685",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:20:05.316414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-27T17:48:32.910Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Cyber Vision",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.0.0"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "3.0.3"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "3.0.4"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.2.0"
            },
            {
              "status": "affected",
              "version": "3.0.5"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.0.6"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "4.0.0"
            },
            {
              "status": "affected",
              "version": "4.0.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Firepower Threat Defense Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "6.2.3.14"
            },
            {
              "status": "affected",
              "version": "6.4.0.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.7"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.4.0.2"
            },
            {
              "status": "affected",
              "version": "6.2.3.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.1"
            },
            {
              "status": "affected",
              "version": "6.2.3.2"
            },
            {
              "status": "affected",
              "version": "6.4.0.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.10"
            },
            {
              "status": "affected",
              "version": "6.4.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.6"
            },
            {
              "status": "affected",
              "version": "6.4.0.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.15"
            },
            {
              "status": "affected",
              "version": "6.2.3.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.4"
            },
            {
              "status": "affected",
              "version": "6.2.3.3"
            },
            {
              "status": "affected",
              "version": "6.2.3.8"
            },
            {
              "status": "affected",
              "version": "6.4.0.6"
            },
            {
              "status": "affected",
              "version": "6.2.3.11"
            },
            {
              "status": "affected",
              "version": "6.2.3.12"
            },
            {
              "status": "affected",
              "version": "6.2.3.13"
            },
            {
              "status": "affected",
              "version": "6.4.0.7"
            },
            {
              "status": "affected",
              "version": "6.4.0.8"
            },
            {
              "status": "affected",
              "version": "6.6.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.9"
            },
            {
              "status": "affected",
              "version": "6.2.3.16"
            },
            {
              "status": "affected",
              "version": "6.6.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.1"
            },
            {
              "status": "affected",
              "version": "6.4.0.10"
            },
            {
              "status": "affected",
              "version": "6.7.0"
            },
            {
              "status": "affected",
              "version": "6.4.0.11"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.7.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "6.4.0.12"
            },
            {
              "status": "affected",
              "version": "6.7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.0"
            },
            {
              "status": "affected",
              "version": "6.2.3.17"
            },
            {
              "status": "affected",
              "version": "7.0.0.1"
            },
            {
              "status": "affected",
              "version": "6.6.5"
            },
            {
              "status": "affected",
              "version": "6.2.3.18"
            },
            {
              "status": "affected",
              "version": "6.7.0.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco UTD SNORT IPS Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.17.1S"
            },
            {
              "status": "affected",
              "version": "16.12.3"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.5"
            },
            {
              "status": "affected",
              "version": "16.12.4"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "16.6.6"
            },
            {
              "status": "affected",
              "version": "16.12.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.6"
            },
            {
              "status": "affected",
              "version": "3.17.0S"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.3"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.7"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.2"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.4"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.3"
            },
            {
              "status": "affected",
              "version": "16.6.5"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.5"
            },
            {
              "status": "affected",
              "version": "17.2.1r"
            },
            {
              "status": "affected",
              "version": "17.1.1"
            },
            {
              "status": "affected",
              "version": "Everest-16.6.2"
            },
            {
              "status": "affected",
              "version": "16.6.7a"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.4"
            },
            {
              "status": "affected",
              "version": "16.6.1"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.9"
            },
            {
              "status": "affected",
              "version": "Denali-16.3.3"
            },
            {
              "status": "affected",
              "version": "16.12.1a"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "16.12.5"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.7"
            },
            {
              "status": "affected",
              "version": "16.6.9"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "16.6.10"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "16.12.6"
            },
            {
              "status": "affected",
              "version": "Fuji-16.9.8"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThis vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-15T15:36:31.261Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-snort-dos-9D3hJLuj",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-9D3hJLuj"
        },
        {
          "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eAttention\u003c/strong\u003e: Simplifying the Cisco\u0026nbsp;portfolio includes the renaming of security products under one brand: Cisco\u0026nbsp;Secure. For more information, see \u003ca href=\"https://www.cisco.com/c/en/us/products/security/secure-names.html\"\u003eMeet Cisco\u0026nbsp;Secure",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-xss-NXOxDhRQ"
        }
      ],
      "source": {
        "advisory": "cisco-sa-snort-dos-9D3hJLuj",
        "defects": [
          "CSCvz27235"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Multiple Cisco Products Snort Modbus Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20685",
    "datePublished": "2024-11-15T15:36:31.261Z",
    "dateReserved": "2021-11-02T13:28:29.055Z",
    "dateUpdated": "2025-01-27T17:48:32.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-20363 (GCVE-0-2024-20363)

Vulnerability from cvelistv5

Published

2024-05-22 16:52

Modified

2024-08-01 21:59

Severity ?

5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-290 - Authentication Bypass by Spoofing

Summary

References

►

URL