Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2024-20293

Disclosure Date: May 22, 2024
CVE-2024-20293
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to a logic error that occurs when an ACL changes from inactive to active in the running configuration of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. The reverse condition is also true—traffic that should be permitted could be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. Note: This vulnerability applies to both IPv4 and IPv6 traffic as well as dual-stack ACL configurations in which both IPv4 and IPv6 ACLs are configured on an interface.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
Cisco Adaptive Security Appliance (ASA) Software 9.19.1
Cisco Adaptive Security Appliance (ASA) Software 9.19.1.5
Cisco Adaptive Security Appliance (ASA) Software 9.19.1.9
Cisco Adaptive Security Appliance (ASA) Software 9.19.1.12
Cisco Adaptive Security Appliance (ASA) Software 9.19.1.18
Cisco Adaptive Security Appliance (ASA) Software 9.19.1.22
Cisco Adaptive Security Appliance (ASA) Software 9.19.1.24
Cisco Adaptive Security Appliance (ASA) Software 9.20.1
Cisco Adaptive Security Appliance (ASA) Software 9.20.1.5
Cisco Firepower Threat Defense Software 7.3.0
Cisco Firepower Threat Defense Software 7.3.1
Cisco Firepower Threat Defense Software 7.3.1.1
Cisco Firepower Threat Defense Software 7.3.1.2
Cisco Firepower Threat Defense Software 7.4.0
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • Cisco

Products

  • Cisco Adaptive Security Appliance (ASA) Software,
  • Cisco Firepower Threat Defense Software

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis