

Severity
Medium
Analysis Summary
CVE-2024-20360 CVSS:8.8
Cisco Firepower Management Center Software is vulnerable to SQL injection. A remote authenticated attacker could send specially crafted SQL statements to view, add, modify or delete information in the back-end database.
CVE-2024-20363 CVSS:5.8
Multiple Cisco products could allow a remote attacker to bypass security restrictions because of incorrect HTTP packet handling. By sending specially crafted HTTP packets, an attacker could exploit this vulnerability to bypass configured IPS rules and allow uninspected traffic onto the network.
CVE-2024-20355 CVSS:5
Cisco Adaptive Security Appliance and Firepower Threat Defense Software could allow a remote authenticated attacker to bypass security restrictions, caused by improper separation of authorization domains when using SAML authentication. By sending a specially crafted request, an attacker could exploit this vulnerability to establish a remote access VPN session using a connection profile that they are not authorized to use.
Impact
- Security Bypass
- Data Manipulation
Indicators of Compromise
CVE
- CVE-2024-20360
- CVE-2024-20363
- CVE-2024-20355
Affected Vendors
Affected Products
- Cisco Firepower Management Center
- Cisco Firepower Threat Defense Software 7.4.0
- Cisco UTD SNORT IPS Engine Software 17.6.4
- Cisco Adaptive Security Appliance (ASA) Software 9.8.2.28
- Cisco Firepower Threat Defense Software 6.2.3
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.