CVE-2024-20384 - OpenCVE

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Cisco	Adaptive Security Appliance Firepower Threat Defense Software

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL

History

Thu, 24 Oct 2024 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco adaptive Security Appliance Cisco firepower Threat Defense Software
CPEs		cpe:2.3:a:cisco:firepower_threat_defense_software:::::::: cpe:2.3:h:cisco:adaptive_security_appliance::::::::
Vendors & Products		Cisco Cisco adaptive Security Appliance Cisco firepower Threat Defense Software
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 23 Oct 2024 17:45:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.
Weaknesses		CWE-290
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL
Metrics		cvssV3_1 `{'score': 5.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-10-23T17:32:29.353Z

Updated: 2024-10-24T17:04:49.872Z

Reserved: 2023-11-08T15:08:07.658Z

Link: CVE-2024-20384

Vulnrichment

Updated: 2024-10-24T17:04:39.360Z

NVD

Status : Awaiting Analysis

Published: 2024-10-23T18:15:07.030

Modified: 2024-10-25T12:56:36.827

Link: CVE-2024-20384

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object