CVE-2024-20481

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
23/10/2024
Last modified:
29/10/2024

Description

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service.<br /> <br /> This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected.<br /> <br /> Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.12:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.13:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.14:*:*:*:*:*:*:*