CVE-2024-20331— Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2024-20331の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Authentication DoS Vulnerability
ソース: NVD (National Vulnerability Database)
脆弱性説明
A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to prevent users from authenticating. This vulnerability is due to insufficient entropy in the authentication process. An attacker could exploit this vulnerability by determining the handle of an authenticating user and using it to terminate their authentication session. A successful exploit could allow the attacker to force a user to restart the authentication process, preventing a legitimate user from establishing remote access VPN sessions.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
使用不充分的随机数
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Cisco Firepower Threat Defense(FTD)和Cisco Adaptive Security Appliance都是美国思科(Cisco)公司的产品。Cisco Firepower Threat Defense是一套提供下一代防火墙服务的统一软件。Cisco Adaptive Security Appliance是一个网络设备。用于保护各种规模的公司网络和数据中心。 Cisco Firepower Threat Defense和Cisco Adaptive Security Ap
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Cisco | Cisco Adaptive Security Appliance (ASA) Software | 9.12.3 | - | |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.14 | - |
II. CVE-2024-20331の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2024-20331のインテリジェンス情報
お願いします ログイン より多くのインテリジェンス情報を見る
Same Patch Batch · Cisco · 2024-10-23 · 52 CVEs total
| CVE-2024-20329 | 9.9 CRITICAL | Cisco Adaptive Security Appliance Software Remote Command Injection Vulnerability |
| CVE-2024-20424 | 9.9 CRITICAL | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2024-20412 | 9.3 CRITICAL | Cisco Firepower Threat Defense 安全漏洞 |
| CVE-2024-20351 | 8.6 HIGH | Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability |
| CVE-2024-20402 | 8.6 HIGH | Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 |
| CVE-2024-20339 | 8.6 HIGH | Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vu |
| CVE-2024-20330 | 8.6 HIGH | Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series TCP UDP Snort 2 an |
| CVE-2024-20426 | 8.6 HIGH | Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 |
| CVE-2024-20495 | 8.6 HIGH | Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 |
| CVE-2024-20494 | 8.6 HIGH | Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 |
| CVE-2024-20260 | 8.6 HIGH | Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL V |
| CVE-2024-20408 | 7.7 HIGH | Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 |
| CVE-2024-20268 | 7.7 HIGH | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Deni |
| CVE-2024-20275 | 6.8 MEDIUM | Cisco Secure Firewall Management Center Software Backup Cluster Command Injection Vulnerab |
| CVE-2024-20472 | 6.5 MEDIUM | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2024-20482 | 6.5 MEDIUM | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2024-20340 | 6.5 MEDIUM | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2024-20379 | 6.5 MEDIUM | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2024-20374 | 6.5 MEDIUM | Cisco Secure Firewall Management Center 安全漏洞 |
| CVE-2024-20471 | 6.5 MEDIUM | Cisco Secure Firewall Management Center 安全漏洞 |
Showing 20 of 52 CVEs. View all on vendor page →
IV. 関連脆弱性
- CVE-2025-20254
Cisco Secure Firewall Adaptive Security Appliance和Cisco Secu - CVE-2025-20263
Cisco Adaptive Security Appliance Software and Firepower Thr - CVE-2025-20253
Cisco IOS, IOS XE, Secure Firewall Adaptive Security Applian - CVE-2025-20252
Cisco Secure Firewall Management Center和Cisco Secure Firewal - CVE-2025-20251
Cisco Secure Firewall Adaptive Security Appliance and Cisco
同じベンダー: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
同じ弱点: CWE-330
- CVE-2026-7847
chatchat-space Langchain-Chatchat Uploaded File openai_route - CVE-2026-40975
VMware Spring Boot 安全特征问题漏洞 - CVE-2026-40496
FreeScout has Predictable Attachment Token that Allows Unaut - CVE-2026-40306
DNN has same HostGUID for all new installs - CVE-2026-33710
Chamilo LMS has Weak REST API Key Generation (Predictable)
V. CVE-2024-20331へのコメント
まだコメントはありません