Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
attackerkbAttackerKBAKB:AF538CF7-1A7A-4333-B294-E397CF8E5D93
HistoryApr 24, 2024 - 12:00 a.m.

CVE-2024-20353

2024-04-2400:00:00
attackerkb.com
10
cisco adaptive security appliance
cisco firepower threat defense
http header parsing
device reload
denial of service

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

7

Confidence

High

EPSS

0.002

Percentile

55.8%

JSON

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.

Recent assessments:

Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0

Related

cve 1
cvelist 1
cisco 1
nvd 1
githubexploit 2
vulnrichment 1
cisa_kev 1
nessus 2
thn 2
qualysblog 1
talosblog 2
cve
cve
CVE-2024-20353
2024-04-24 19:15:46
cvelist
cvelist
CVE-2024-20353
2024-04-24 18:15:57
cisco
cisco
Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services Denial of Service Vulnerability
2024-04-24 16:00:00
nvd
nvd
CVE-2024-20353
2024-04-24 19:15:46
githubexploit
githubexploit
Exploit for Infinite Loop in Cisco Adaptive Security Appliance Software
2024-05-03 12:46:09
Exploit for Infinite Loop in Cisco Adaptive Security Appliance Software
2024-07-13 16:04:25
vulnrichment
vulnrichment
CVE-2024-20353
2024-04-24 18:15:57
cisa_kev
cisa_kev
Cisco ASA and FTD Denial of Service Vulnerability
2024-04-24 00:00:00
nessus
nessus
Cisco Firepower Threat Defense Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)
2024-04-26 00:00:00
Cisco Adaptive Security Appliance Software Web Services DoS Vulnerability (cisco-sa-asaftd-websrvs-dos-X8gNucD2)
2024-04-26 00:00:00
thn
thn
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
2024-05-06 13:47:00
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
2024-04-25 05:50:00
qualysblog
qualysblog
ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters
2024-04-24 22:55:49
talosblog
talosblog
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
2024-04-24 15:54:39
Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs
2024-07-10 10:00:33

CVSS3

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

AI Score

7

Confidence

High

EPSS

0.002

Percentile

55.8%

JSON
Related for AKB:AF538CF7-1A7A-4333-B294-E397CF8E5D93
cve1cvelist1cisco1nvd1githubexploit2vulnrichment1cisa_kev1nessus2thn2qualysblog1talosblog2