Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-ASAFTD-WEBSRVS-DOS-X8GNUCD2
HistoryApr 24, 2024 - 4:00 p.m.

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability

2024-04-2416:00:00
tools.cisco.com
21
cisco
asa
firepower
vulnerability
web servers
dos
software updates
http header
attack
reload

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2”]

For more information on the vulnerability that is described in this advisory, see Cisco Event Response: Attacks Against Cisco Firewall Platforms [“https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_attacks_event_response”].

Related

nessus 2
cisa_kev 1
cvelist 1
cve 1
githubexploit 1
qualysblog 1
talosblog 1
thn 1
nessus
nessus
Cisco Adaptive Security Appliance Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)
2024-04-26 00:00:00
Cisco Firepower Threat Defense Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)
2024-04-26 00:00:00
cisa_kev
cisa_kev
Cisco ASA and FTD Denial of Service Vulnerability
2024-04-24 00:00:00
cvelist
cvelist
CVE-2024-20353
2024-04-24 18:15:57
cve
cve
CVE-2024-20353
2024-04-24 19:15:46
githubexploit
githubexploit
Exploit for Infinite Loop in Cisco Adaptive Security Appliance Software
2024-05-03 12:46:09
qualysblog
qualysblog
ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters
2024-04-24 22:55:49
talosblog
talosblog
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
2024-04-24 15:54:39
thn
thn
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
2024-04-25 05:50:00

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

JSON
Related for CISCO-SA-ASAFTD-WEBSRVS-DOS-X8GNUCD2
nessus2cisa_kev1cvelist1cve1githubexploit1qualysblog1talosblog1thn1