Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-20353

Published: 24/04/2024 Updated: 26/04/2024
CVSS v3 Base Score: 8.6 | Impact Score: 4 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Cisco

Vulnerability Summary

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to incomplete error checking when parsing an HTTP header. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted web server on a device. A successful exploit could allow the malicious user to cause a DoS condition when the device reloads.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco adaptive security appliance software 9.16.1

cisco adaptive security appliance software 9.8.2

cisco adaptive security appliance software 9.8.3.18

cisco adaptive security appliance software 9.8.3.26

cisco adaptive security appliance software 9.12.2

cisco adaptive security appliance software 9.8.2.24

cisco adaptive security appliance software 9.8.3.16

cisco adaptive security appliance software 9.8.4.29

cisco adaptive security appliance software 9.12.2.5

cisco adaptive security appliance software 9.12.4.4

cisco adaptive security appliance software 9.8.2.20

cisco adaptive security appliance software 9.8.4

cisco adaptive security appliance software 9.8.4.26

cisco adaptive security appliance software 9.14.1.30

cisco adaptive security appliance software 9.14.1.15

cisco adaptive security appliance software 9.8.2.26

cisco adaptive security appliance software 9.8.2.28

cisco adaptive security appliance software 9.8.2.33

cisco adaptive security appliance software 9.8.2.35

cisco adaptive security appliance software 9.8.2.38

cisco adaptive security appliance software 9.8.4.8

cisco adaptive security appliance software 9.8.4.10

cisco adaptive security appliance software 9.8.4.12

cisco adaptive security appliance software 9.8.4.15

cisco adaptive security appliance software 9.8.4.45

cisco adaptive security appliance software 9.12.3.2

cisco adaptive security appliance software 9.12.3.7

cisco adaptive security appliance software 9.12.4

cisco adaptive security appliance software 9.12.3.12

cisco adaptive security appliance software 9.12.4.37

cisco adaptive security appliance software 9.12.4.38

cisco adaptive security appliance software 9.12.4.39

cisco adaptive security appliance software 9.14.2

cisco adaptive security appliance software 9.14.2.4

cisco adaptive security appliance software 9.14.2.8

cisco adaptive security appliance software 9.14.2.13

cisco adaptive security appliance software 9.14.2.15

cisco adaptive security appliance software 9.15.1.15

cisco adaptive security appliance software 9.15.1.16

cisco adaptive security appliance software 9.15.1.17

cisco adaptive security appliance software 9.15.1.1

cisco adaptive security appliance software 9.8.4.25

cisco adaptive security appliance software 9.17.1

cisco adaptive security appliance software 9.8.1

cisco adaptive security appliance software 9.8.2.17

cisco adaptive security appliance software 9.8.3.11

cisco adaptive security appliance software 9.8.3.29

cisco adaptive security appliance software 9.8.4.3

cisco adaptive security appliance software 9.8.4.20

cisco adaptive security appliance software 9.8.4.41

cisco adaptive security appliance software 9.8.4.44

cisco adaptive security appliance software 9.12.3

cisco adaptive security appliance software 9.12.3.9

cisco adaptive security appliance software 9.12.4.26

cisco adaptive security appliance software 9.12.4.30

cisco adaptive security appliance software 9.14.1.10

cisco adaptive security appliance software 9.14.1.19

cisco adaptive security appliance software 9.14.3

cisco adaptive security appliance software 9.14.3.9

cisco adaptive security appliance software 9.15.1

cisco adaptive security appliance software 9.15.1.10

cisco adaptive security appliance software 9.15.1.21

cisco adaptive security appliance software 9.16.1.28

cisco adaptive security appliance software 9.17.1.7

cisco adaptive security appliance software 9.16.3.14

cisco adaptive security appliance software 9.16.4

cisco adaptive security appliance software 9.18.2.5

cisco adaptive security appliance software 9.17.1.10

cisco adaptive security appliance software 9.17.1.13

cisco adaptive security appliance software 9.18.1

cisco adaptive security appliance software 9.18.1.3

cisco adaptive security appliance software 9.8.1.7

cisco adaptive security appliance software 9.8.2.8

cisco adaptive security appliance software 9.8.2.14

cisco adaptive security appliance software 9.8.3.21

cisco adaptive security appliance software 9.8.3

cisco adaptive security appliance software 9.8.4.32

cisco adaptive security appliance software 9.8.4.33

cisco adaptive security appliance software 9.8.4.34

cisco adaptive security appliance software 9.8.4.35

cisco adaptive security appliance software 9.8.4.39

cisco adaptive security appliance software 9.12.1

cisco adaptive security appliance software 9.12.1.2

cisco adaptive security appliance software 9.12.1.3

cisco adaptive security appliance software 9.12.4.10

cisco adaptive security appliance software 9.12.4.13

cisco adaptive security appliance software 9.12.4.8

cisco adaptive security appliance software 9.12.4.18

cisco adaptive security appliance software 9.14.1

cisco adaptive security appliance software 9.14.3.13

cisco adaptive security appliance software 9.14.3.18

cisco adaptive security appliance software 9.14.3.15

cisco adaptive security appliance software 9.14.4

cisco adaptive security appliance software 9.16.2.3

cisco adaptive security appliance software 9.16.2.7

cisco adaptive security appliance software 9.16.2.11

cisco adaptive security appliance software 9.16.2.13

cisco adaptive security appliance software 9.16.2.14

cisco adaptive security appliance software 9.14.4.7

cisco adaptive security appliance software 9.14.4.12

cisco adaptive security appliance software 9.17.1.11

cisco adaptive security appliance software 9.17.1.15

cisco adaptive security appliance software 9.8.4.22

cisco adaptive security appliance software 9.12.4.2

cisco adaptive security appliance software 9.17.1.9

cisco adaptive security appliance software 9.8.1.5

cisco adaptive security appliance software 9.8.2.15

cisco adaptive security appliance software 9.8.3.8

cisco adaptive security appliance software 9.8.3.14

cisco adaptive security appliance software 9.8.4.7

cisco adaptive security appliance software 9.8.4.17

cisco adaptive security appliance software 9.8.4.40

cisco adaptive security appliance software 9.8.4.43

cisco adaptive security appliance software 9.12.2.4

cisco adaptive security appliance software 9.12.2.9

cisco adaptive security appliance software 9.12.2.1

cisco adaptive security appliance software 9.12.4.7

cisco adaptive security appliance software 9.12.4.24

cisco adaptive security appliance software 9.12.4.29

cisco adaptive security appliance software 9.12.4.35

cisco adaptive security appliance software 9.14.1.6

cisco adaptive security appliance software 9.14.3.1

cisco adaptive security appliance software 9.14.3.11

cisco adaptive security appliance software 9.14.4.6

cisco adaptive security appliance software 9.15.1.7

cisco adaptive security appliance software 9.16.2

cisco adaptive security appliance software 9.16.3.3

cisco adaptive security appliance software 9.16.3

cisco adaptive security appliance software 9.18.2

cisco adaptive security appliance software 9.8.4.48

cisco adaptive security appliance software 9.8.4.46

cisco adaptive security appliance software 9.19.1.9

cisco adaptive security appliance software 9.19.1.5

cisco adaptive security appliance software 9.19.1.18

cisco adaptive security appliance software 9.19.1.12

cisco adaptive security appliance software 9.19.1

cisco adaptive security appliance software 9.18.3.55

cisco adaptive security appliance software 9.18.3.53

cisco adaptive security appliance software 9.18.3.46

cisco adaptive security appliance software 9.18.3.39

cisco adaptive security appliance software 9.18.3

cisco adaptive security appliance software 9.18.2.8

cisco adaptive security appliance software 9.18.2.7

cisco adaptive security appliance software 9.17.1.30

cisco adaptive security appliance software 9.17.1.20

cisco adaptive security appliance software 9.16.4.9

cisco adaptive security appliance software 9.16.4.38

cisco adaptive security appliance software 9.16.4.27

cisco adaptive security appliance software 9.16.4.19

cisco adaptive security appliance software 9.16.4.18

cisco adaptive security appliance software 9.16.4.14

cisco adaptive security appliance software 9.16.3.23

cisco adaptive security appliance software 9.16.3.19

cisco adaptive security appliance software 9.16.3.15

cisco adaptive security appliance software 9.14.4.23

cisco adaptive security appliance software 9.14.4.22

cisco adaptive security appliance software 9.14.4.17

cisco adaptive security appliance software 9.14.4.15

cisco adaptive security appliance software 9.14.4.14

cisco adaptive security appliance software 9.14.4.13

cisco adaptive security appliance software 9.12.4.58

cisco adaptive security appliance software 9.12.4.56

cisco adaptive security appliance software 9.12.4.55

cisco adaptive security appliance software 9.12.4.54

cisco adaptive security appliance software 9.12.4.52

cisco adaptive security appliance software 9.12.4.50

cisco adaptive security appliance software 9.12.4.48

cisco adaptive security appliance software 9.12.4.47

cisco adaptive security appliance software 9.12.4.41

cisco adaptive security appliance software 9.12.4.40

cisco adaptive security appliance software 9.12.4.62

cisco adaptive security appliance software 9.12.4.65

cisco adaptive security appliance software 9.16.4.39

cisco adaptive security appliance software 9.16.4.42

cisco adaptive security appliance software 9.16.4.48

cisco adaptive security appliance software 9.16.4.55

cisco adaptive security appliance software 9.17.1.33

cisco adaptive security appliance software 9.18.3.56

cisco adaptive security appliance software 9.18.4

cisco adaptive security appliance software 9.18.4.5

cisco adaptive security appliance software 9.18.4.8

cisco adaptive security appliance software 9.19.1.22

cisco adaptive security appliance software 9.19.1.24

cisco adaptive security appliance software 9.19.1.27

cisco adaptive security appliance software 9.20.1

cisco adaptive security appliance software 9.20.1.5

cisco adaptive security appliance software 9.20.2

cisco firepower threat defense 6.2.3

cisco firepower threat defense 6.2.3.1

cisco firepower threat defense 6.4.0

cisco firepower threat defense 6.2.3.13

cisco firepower threat defense 6.2.3.14

cisco firepower threat defense 6.2.3.15

cisco firepower threat defense 6.2.3.12

cisco firepower threat defense 6.6.0.1

cisco firepower threat defense 6.6.0

cisco firepower threat defense 7.1.0

cisco firepower threat defense 7.0.0

cisco firepower threat defense 6.7.0

cisco firepower threat defense 7.2.0.1

cisco firepower threat defense 7.0.1

cisco firepower threat defense 7.0.0.1

cisco firepower threat defense 7.0.1.1

cisco firepower threat defense 7.0.2

cisco firepower threat defense 7.0.2.1

cisco firepower threat defense 7.0.3

cisco firepower threat defense 7.0.4

cisco firepower threat defense 6.6.1

cisco firepower threat defense 6.6.3

cisco firepower threat defense 6.6.4

cisco firepower threat defense 6.6.5

cisco firepower threat defense 6.6.5.1

cisco firepower threat defense 6.6.5.2

cisco firepower threat defense 7.1.0.1

cisco firepower threat defense 7.1.0.2

cisco firepower threat defense 7.2.0

cisco firepower threat defense 6.2.3.2

cisco firepower threat defense 6.2.3.3

cisco firepower threat defense 6.2.3.4

cisco firepower threat defense 6.2.3.5

cisco firepower threat defense 6.2.3.6

cisco firepower threat defense 6.2.3.7

cisco firepower threat defense 6.2.3.8

cisco firepower threat defense 6.2.3.10

cisco firepower threat defense 6.2.3.11

cisco firepower threat defense 6.2.3.9

cisco firepower threat defense 6.2.3.16

cisco firepower threat defense 6.2.3.17

cisco firepower threat defense 6.2.3.18

cisco firepower threat defense 6.4.0.1

cisco firepower threat defense 6.4.0.3

cisco firepower threat defense 6.4.0.2

cisco firepower threat defense 6.4.0.4

cisco firepower threat defense 6.4.0.5

cisco firepower threat defense 6.4.0.6

cisco firepower threat defense 6.4.0.7

cisco firepower threat defense 6.4.0.8

cisco firepower threat defense 6.4.0.9

cisco firepower threat defense 6.4.0.10

cisco firepower threat defense 6.4.0.11

cisco firepower threat defense 6.4.0.12

cisco firepower threat defense 6.4.0.13

cisco firepower threat defense 6.4.0.14

cisco firepower threat defense 6.7.0.1

cisco firepower threat defense 6.7.0.2

cisco firepower threat defense 6.7.0.3

cisco firepower threat defense 6.6.7

cisco firepower threat defense 7.2.1

cisco firepower threat defense 7.2.2

cisco firepower threat defense 7.2.3

cisco firepower threat defense 7.3.1.1

cisco firepower threat defense 7.3.1

cisco firepower threat defense 7.3.0

cisco firepower threat defense 7.2.5

cisco firepower threat defense 7.2.4.1

cisco firepower threat defense 7.2.4

cisco firepower threat defense 7.1.0.3

cisco firepower threat defense 7.0.6

cisco firepower threat defense 7.0.5

cisco firepower threat defense 6.6.7.1

cisco firepower threat defense 6.4.0.16

cisco firepower threat defense 6.4.0.15

cisco firepower threat defense 6.4.0.17

cisco firepower threat defense 7.0.6.1

cisco firepower threat defense 7.2.5.1

cisco firepower threat defense 7.4.0

cisco firepower threat defense 7.4.1

Github Repositories

https://github.com/Spl0stus/CVE-2024-20353-CiscoASAandFTD

Exploit for Cisco ASA and FTD (may 2024)

CVE-2024-20353-CiscoASAandFTD Exploit for DoS Cisco ASA and FTD (may 2024) Description A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condi

Recent Articles

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks
BleepingComputer • Sergiu Gatlan • 24 Apr 2024

ArcaneDoor hackers exploit Cisco zero-days to breach govt networks By Sergiu Gatlan April 24, 2024 01:07 PM 0 ​Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. The hackers, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, began infiltrating vulnerable edge devices in early November 20...

Read more...
Governments issue alerts after 'sophisticated' state-backed actor found exploiting flaws in Cisco security boxes
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Don't get too comfortable: 'Line Dancer' malware may be targeting other vendors, too

A previously unknown and "sophisticated" nation-state group compromised Cisco firewalls as early as November 2023 for espionage purposes — and possibly attacked network devices made by other vendors including Microsoft, according to warnings from the networking giant and three Western governments. These cyber-spy campaigns, dubbed “ArcaneDoor” by Cisco, were first spotted in early January and revealed on Wednesday. And they targeted VPN services used by governments and critical infrastruct...

Read more...

References

CWE-835https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2https://nvd.nist.govhttps://github.com/Spl0stus/CVE-2024-20353-CiscoASAandFTDhttps://www.theregister.co.uk/2024/04/24/spies_cisco_firewall/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook