PromptRiskDBThreat intelligence atlas

CVE-2024-20353 - Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)

AI Vulnerability Context

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vul...

Overview

A source-backed snapshot of this vulnerability.

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

CISA KEVyesWhether CISA lists this as exploited.
Techniques0AI attack methods connected to this vulnerability.
Case studies0Examples where this vulnerability is mentioned.

Vulnerability status

How serious this vulnerability is and whether it is known to be exploited.

CISA KEVHIGH
CVE ID
CVE-2024-20353
Vendor/project
Cisco
Product
Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
Vulnerability name
Cisco ASA and FTD Denial of Service Vulnerability
Date added
2024-04-24
Due date
2024-05-01
Known ransomware campaign use
Unknown
CVSS v3
8.6
CWE-835

Exploit context

What the vulnerability is about.

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

Source evidence

Original public records and references for this page.

Original source

Original source links

Open the public records and source datasets used for this page.