From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Vulnerability ID: cisco-sa-snort-rf-bypass-OY8f3pnM - CVE Number: CVE-2024-20342 - CWE Number: CWE-1025 - Release Date: October 23, 2024 - Severity: Medium - CVSS Score: 5.8 2. Affected Products: - Affected Open Source Snort Versions: Snort 2 and Snort 3 - Affected Cisco Products: Any Cisco products running vulnerable Cisco FirePOWER Services or Cisco Firepower Threat Defense (FTD) software, and with Snort enabled. 3. Vulnerability Details: - Root Cause: Due to an incorrect connection count comparison. - Attack Method: By sending traffic exceeding the configured rate limit, attackers can bypass rate-limiting filters on affected devices. - Impact: Allows unauthorized remote attackers to bypass rate-limiting filters, enabling unauthorized traffic to enter protected networks. 4. Remediation: - Software Updates Released: Software updates have been released to address this vulnerability. - Workarounds: No workarounds are available. 5. List of Affected Cisco Products: - Adaptive Security Appliance (ASA) software - Cyber Vision software - Meraki products - Secure Firewall Management Center (FMC) software - Unified Threat Defense (UTD) software 6. Related Links: - Cisco Event Response: Link to the related incident response page. - Snort Website: Link to the official Snort website. 7. Rating and Feedback: - Users can rate the vulnerability and provide feedback. 8. Legal Disclaimer: - The document is provided "AS IS" without any warranties or guarantees. This information helps in understanding the nature of the vulnerability, affected products, remediation steps, and how to obtain further details.