CVSS: 8.6EPSS: 0%CPEs: 175EXPL: 0CVE-2024-20495
https://notcve.org/view.php?id=CVE-2024-20495
23 Oct 2024 — A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. ... A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 25EXPL: 0CVE-2024-20494
https://notcve.org/view.php?id=CVE-2024-20494
23 Oct 2024 — A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation during the TLS 1.3 handshake. ... A successful exploit could allow the attacker to cause the device to reload, resulti... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 5.3EPSS: 0%CPEs: 294EXPL: 0CVE-2024-20493
https://notcve.org/view.php?id=CVE-2024-20493
23 Oct 2024 — A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny further VPN user authentications for several minutes, resulting in a temporary denial of service (DoS) condition. This vulnerability is due to ineffective handling of memory resources during the authentication process... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-4gYEWMKg • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.8EPSS: 0%CPEs: 289EXPL: 0CVE-2024-20481 – Cisco ASA and FTD Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20481
23 Oct 2024 — A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. ... A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of t... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.0EPSS: 0%CPEs: 38EXPL: 0CVE-2024-20474
https://notcve.org/view.php?id=CVE-2024-20474
23 Oct 2024 — A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client. ... A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.6EPSS: 0%CPEs: 54EXPL: 0CVE-2024-20426
https://notcve.org/view.php?id=CVE-2024-20426
23 Oct 2024 — A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. ... A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-9FgEyHsF • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9949 – Denial of Service in Forescout SecureConnector
https://notcve.org/view.php?id=CVE-2024-9949
23 Oct 2024 — Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application. Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user to corrupt the configuration file and cause Denial of Service in the application. • https://forescout.my.site.com/support/s/article/High-Severity-Vulnerability-in-Secure-Connector-HPS-Inspection-Engine-v11-3-5-and-lower • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 7.7EPSS: 0%CPEs: 285EXPL: 0CVE-2024-20408
https://notcve.org/view.php?id=CVE-2024-20408
23 Oct 2024 — A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n • CWE-1287: Improper Validation of Specified Type of Input •
CVSS: 8.6EPSS: 0%CPEs: 282EXPL: 0CVE-2024-20402
https://notcve.org/view.php?id=CVE-2024-20402
23 Oct 2024 — A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. ... A successful exploit could allow the attacker to cause the de... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4 • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 8.6EPSS: 0%CPEs: 85EXPL: 0CVE-2024-20351 – Cisco Firepower Threat Defense Software Snort Firewall Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20351
23 Oct 2024 — A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. ... A successful exploit could allow the attacker to cause the Cisco FTD device... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu •