PT-2024-9150 · Cisco · Cisco Adaptive Security Virtual Appliance +2

🗓️ 23 Oct 2024 00:00:00Reported by Positive TechnologiesType

VPN and management web servers may allow unauthenticated remote DoS by exhausting memory with many SSL/TLS connections; manual reload may be needed.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the web-client VPN microprogramming system used by Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD) allows a attacker to induce a service failure.	6 Dec 202400:00	–	bdu_fstec
Cisco	Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability	23 Oct 202416:00	–	cisco
CNNVD	Cisco Firepower Threat Defense和Cisco Adaptive Security Virtual Appliance 安全漏洞	23 Oct 202400:00	–	cnnvd
CVE	CVE-2024-20260	23 Oct 202417:07	–	cve
Cvelist	CVE-2024-20260 Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability	23 Oct 202417:07	–	cvelist
EUVD	EUVD-2024-17975	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco Adaptive Security Appliance and Firepower Threat Defense	24 Oct 202408:37	–	ncsc
NVD	CVE-2024-20260	23 Oct 202417:15	–	nvd
RedhatCVE	CVE-2024-20260	5 Feb 202501:14	–	redhatcve
Vulnrichment	CVE-2024-20260 Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability	23 Oct 202417:07	–	vulnrichment

Source	Link
bdu	www.bdu.fstec.ru/vul/2024-10837
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-20260
safe-surf	www.safe-surf.ru/specialists/bulletins-nkcki/713196
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR

25 Oct 2024 00:00Current

7.4High risk

Vulners AI Score7.4

CVSS 3.18.6

EPSS0.00625

SSVC