{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-20407", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2023-11-08T15:08:07.661Z", "datePublished": "2024-10-23T17:36:40.728Z", "dateUpdated": "2024-10-24T16:09:41.083Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-10-23T17:36:40.728Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. \r\n\r This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"version": "6.2.3", "status": "affected"}, {"version": "6.2.3.1", "status": "affected"}, {"version": "6.2.3.2", "status": "affected"}, {"version": "6.2.3.3", "status": "affected"}, {"version": "6.2.3.4", "status": "affected"}, {"version": "6.2.3.5", "status": "affected"}, {"version": "6.2.3.6", "status": "affected"}, {"version": "6.2.3.7", "status": "affected"}, {"version": "6.2.3.8", "status": "affected"}, {"version": "6.2.3.10", "status": "affected"}, {"version": "6.2.3.11", "status": "affected"}, {"version": "6.2.3.9", "status": "affected"}, {"version": "6.2.3.12", "status": "affected"}, {"version": "6.2.3.13", "status": "affected"}, {"version": "6.2.3.14", "status": "affected"}, {"version": "6.2.3.15", "status": "affected"}, {"version": "6.2.3.16", "status": "affected"}, {"version": "6.2.3.17", "status": "affected"}, {"version": "6.2.3.18", "status": "affected"}, {"version": "6.6.0", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "6.6.7", "status": "affected"}, {"version": "6.6.7.1", "status": "affected"}, {"version": "6.6.7.2", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "6.4.0.17", "status": "affected"}, {"version": "6.4.0.18", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "7.0.6", "status": "affected"}, {"version": "7.0.6.1", "status": "affected"}, {"version": "7.0.6.2", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.2.4", "status": "affected"}, {"version": "7.2.4.1", "status": "affected"}, {"version": "7.2.5", "status": "affected"}, {"version": "7.2.5.1", "status": "affected"}, {"version": "7.2.6", "status": "affected"}, {"version": "7.2.7", "status": "affected"}, {"version": "7.2.5.2", "status": "affected"}, {"version": "7.2.8", "status": "affected"}, {"version": "7.2.8.1", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}, {"version": "7.3.1.2", "status": "affected"}, {"version": "7.4.0", "status": "affected"}, {"version": "7.4.1", "status": "affected"}, {"version": "7.4.1.1", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Resource Management Errors", "type": "cwe", "cweId": "CWE-399"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX", "name": "cisco-sa-snort-bypass-PTry37fX"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "baseScore": 5.8, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-snort-bypass-PTry37fX", "discovery": "EXTERNAL", "defects": ["CSCwi42291"]}}, "adp": [{"affected": [{"vendor": "cisco", "product": "firepower_threat_defense_software", "cpes": ["cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.2.3", "status": "affected", "lessThanOrEqual": "6.2.3.18", "versionType": "custom"}, {"version": "6.4.0", "status": "affected", "lessThanOrEqual": "6.4.0.18", "versionType": "custom"}, {"version": "6.6.0", "status": "affected", "lessThanOrEqual": "6.6.7.2", "versionType": "custom"}, {"version": "6.7.0", "status": "affected", "lessThanOrEqual": "6.7.0.3", "versionType": "custom"}, {"version": "7.0.0", "status": "affected", "lessThanOrEqual": "7.0.6.2", "versionType": "custom"}, {"version": "7.1.0", "status": "affected", "lessThanOrEqual": "7.1.0.3", "versionType": "custom"}, {"version": "7.2.0", "status": "affected", "lessThanOrEqual": "7.2.8.1", "versionType": "custom"}, {"version": "7.3.0", "status": "affected", "lessThanOrEqual": "7.3.1.2", "versionType": "custom"}, {"version": "7.4.0", "status": "affected", "lessThanOrEqual": "7.4.1.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-23T18:45:15.554948Z", "id": "CVE-2024-20407", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T16:09:41.083Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-20407", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-23T18:45:15.554948Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:cisco:firepower_threat_defense_software:*:*:*:*:*:*:*:*"], "vendor": "cisco", "product": "firepower_threat_defense_software", "versions": [{"status": "affected", "version": "6.2.3", "versionType": "custom", "lessThanOrEqual": "6.2.3.18"}, {"status": "affected", "version": "6.4.0", "versionType": "custom", "lessThanOrEqual": "6.4.0.18"}, {"status": "affected", "version": "6.6.0", "versionType": "custom", "lessThanOrEqual": "6.6.7.2"}, {"status": "affected", "version": "6.7.0", "versionType": "custom", "lessThanOrEqual": "6.7.0.3"}, {"status": "affected", "version": "7.0.0", "versionType": "custom", "lessThanOrEqual": "7.0.6.2"}, {"status": "affected", "version": "7.1.0", "versionType": "custom", "lessThanOrEqual": "7.1.0.3"}, {"status": "affected", "version": "7.2.0", "versionType": "custom", "lessThanOrEqual": "7.2.8.1"}, {"status": "affected", "version": "7.3.0", "versionType": "custom", "lessThanOrEqual": "7.3.1.2"}, {"status": "affected", "version": "7.4.0", "versionType": "custom", "lessThanOrEqual": "7.4.1.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-24T16:09:05.099Z"}}], "cna": {"source": {"defects": ["CSCwi42291"], "advisory": "cisco-sa-snort-bypass-PTry37fX", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Threat Defense Software", "versions": [{"status": "affected", "version": "6.2.3"}, {"status": "affected", "version": "6.2.3.1"}, {"status": "affected", "version": "6.2.3.2"}, {"status": "affected", "version": "6.2.3.3"}, {"status": "affected", "version": "6.2.3.4"}, {"status": "affected", "version": "6.2.3.5"}, {"status": "affected", "version": "6.2.3.6"}, {"status": "affected", "version": "6.2.3.7"}, {"status": "affected", "version": "6.2.3.8"}, {"status": "affected", "version": "6.2.3.10"}, {"status": "affected", "version": "6.2.3.11"}, {"status": "affected", "version": "6.2.3.9"}, {"status": "affected", "version": "6.2.3.12"}, {"status": "affected", "version": "6.2.3.13"}, {"status": "affected", "version": "6.2.3.14"}, {"status": "affected", "version": "6.2.3.15"}, {"status": "affected", "version": "6.2.3.16"}, {"status": "affected", "version": "6.2.3.17"}, {"status": "affected", "version": "6.2.3.18"}, {"status": "affected", "version": "6.6.0"}, {"status": "affected", "version": "6.6.0.1"}, {"status": "affected", "version": "6.6.1"}, {"status": "affected", "version": "6.6.3"}, {"status": "affected", "version": "6.6.4"}, {"status": "affected", "version": "6.6.5"}, {"status": "affected", "version": "6.6.5.1"}, {"status": "affected", "version": "6.6.5.2"}, {"status": "affected", "version": "6.6.7"}, {"status": "affected", "version": "6.6.7.1"}, {"status": "affected", "version": "6.6.7.2"}, {"status": "affected", "version": "6.4.0"}, {"status": "affected", "version": "6.4.0.1"}, {"status": "affected", "version": "6.4.0.3"}, {"status": "affected", "version": "6.4.0.2"}, {"status": "affected", "version": "6.4.0.4"}, {"status": "affected", "version": "6.4.0.5"}, {"status": "affected", "version": "6.4.0.6"}, {"status": "affected", "version": "6.4.0.7"}, {"status": "affected", "version": "6.4.0.8"}, {"status": "affected", "version": "6.4.0.9"}, {"status": "affected", "version": "6.4.0.10"}, {"status": "affected", "version": "6.4.0.11"}, {"status": "affected", "version": "6.4.0.12"}, {"status": "affected", "version": "6.4.0.13"}, {"status": "affected", "version": "6.4.0.14"}, {"status": "affected", "version": "6.4.0.15"}, {"status": "affected", "version": "6.4.0.16"}, {"status": "affected", "version": "6.4.0.17"}, {"status": "affected", "version": "6.4.0.18"}, {"status": "affected", "version": "6.7.0"}, {"status": "affected", "version": "6.7.0.1"}, {"status": "affected", "version": "6.7.0.2"}, {"status": "affected", "version": "6.7.0.3"}, {"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.0.0.1"}, {"status": "affected", "version": "7.0.1"}, {"status": "affected", "version": "7.0.1.1"}, {"status": "affected", "version": "7.0.2"}, {"status": "affected", "version": "7.0.2.1"}, {"status": "affected", "version": "7.0.3"}, {"status": "affected", "version": "7.0.4"}, {"status": "affected", "version": "7.0.5"}, {"status": "affected", "version": "7.0.6"}, {"status": "affected", "version": "7.0.6.1"}, {"status": "affected", "version": "7.0.6.2"}, {"status": "affected", "version": "7.1.0"}, {"status": "affected", "version": "7.1.0.1"}, {"status": "affected", "version": "7.1.0.2"}, {"status": "affected", "version": "7.1.0.3"}, {"status": "affected", "version": "7.2.0"}, {"status": "affected", "version": "7.2.0.1"}, {"status": "affected", "version": "7.2.1"}, {"status": "affected", "version": "7.2.2"}, {"status": "affected", "version": "7.2.3"}, {"status": "affected", "version": "7.2.4"}, {"status": "affected", "version": "7.2.4.1"}, {"status": "affected", "version": "7.2.5"}, {"status": "affected", "version": "7.2.5.1"}, {"status": "affected", "version": "7.2.6"}, {"status": "affected", "version": "7.2.7"}, {"status": "affected", "version": "7.2.5.2"}, {"status": "affected", "version": "7.2.8"}, {"status": "affected", "version": "7.2.8.1"}, {"status": "affected", "version": "7.3.0"}, {"status": "affected", "version": "7.3.1"}, {"status": "affected", "version": "7.3.1.1"}, {"status": "affected", "version": "7.3.1.2"}, {"status": "affected", "version": "7.4.0"}, {"status": "affected", "version": "7.4.1"}, {"status": "affected", "version": "7.4.1.1"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX", "name": "cisco-sa-snort-bypass-PTry37fX"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. \r\n\r This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-399", "description": "Resource Management Errors"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-10-23T17:36:40.728Z"}}}, "cveMetadata": {"cveId": "CVE-2024-20407", "state": "PUBLISHED", "dateUpdated": "2024-10-24T16:09:41.083Z", "dateReserved": "2023-11-08T15:08:07.661Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2024-10-23T17:36:40.728Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*", "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*", "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*", "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "B166867E-E51B-46E3-A6E2-B10E67364058", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "1CE51492-8C9B-459E-9F80-64F426009905", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "39FE5927-2421-4CBE-97EA-6AED892DA1C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8BF2227-3C50-4FD1-98DB-21196E75D1DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5460064F-FF50-4F54-A8DF-180C76AF9B8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D94F400-5A35-41F5-B37F-E9DA6F87ED8E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "A49A07CF-12BA-481C-B5FF-754520080A8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "F203C7D1-AA92-4367-B7A5-EBAE6B76EE6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "0064C97F-1140-43AC-8229-C8CCC367DC4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D9296D33-D59A-463D-9722-9D4C3F720E7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "C9F66CCA-0982-4107-BC5B-79D727479343", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "77B80698-1E76-4B13-AB83-A03FF8C785FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "7106C567-726C-4399-ABE0-4A26B9572D40", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D5EEF62-DFD3-4E08-8959-2BCD4B1308CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F3E08AAC-9C5E-4D18-817C-C466D1D6C4DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "724A3B6F-DDAB-4A2F-8430-9E1F352D755F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDBF14DD-0654-47F3-A698-020397A1EAA3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. \r\n\r This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la interacci\u00f3n entre la funci\u00f3n TCP Intercept y el motor de detecci\u00f3n Snort 3 en el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado eluda las pol\u00edticas configuradas en un sistema afectado. Los dispositivos que est\u00e1n configurados con Snort 2 no se ven afectados por esta vulnerabilidad. Esta vulnerabilidad se debe a un error l\u00f3gico al manejar conexiones TCP embrionarias (semiabiertas). Un atacante podr\u00eda explotar esta vulnerabilidad enviando un patr\u00f3n de tr\u00e1fico manipulado a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el tr\u00e1fico no deseado ingrese a la red protegida por el dispositivo afectado."}], "id": "CVE-2024-20407", "lastModified": "2025-08-05T14:53:15.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "psirt@cisco.com", "type": "Secondary"}]}, "published": "2024-10-23T18:15:08.413", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "psirt@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}