cnvd - cnvd-2025-05986

cnvd-2025-05986

Vulnerability from cnvd

Title

Cisco Firepower Threat Defense和Cisco FirePOWER Services存在拒绝服务漏洞

Description

Cisco Firepower Threat Defense（FTD）和Cisco FirePOWER Services都是美国思科（Cisco）公司的产品。Cisco Firepower Threat Defense是一套提供下一代防火墙服务的统一软件。Cisco FirePOWER Services是种综合安全解决方案，旨在增强网络安全性。 Cisco Firepower Threat Defense和Cisco FirePOWER Services存在拒绝服务漏洞，该漏洞源于对TCP/IP网络流量处理不当。攻击者可利用该漏洞导致系统拒绝服务。

Severity

高

Patch Name

Cisco Firepower Threat Defense和Cisco FirePOWER Services存在拒绝服务漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu

Reference

https://nvd.nist.gov/vuln/detail/CVE-2024-20351

Impacted products

Name
['Cisco Cisco Firepower Threat Defense', 'Cisco Cisco FirePOWER Services']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-20351",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-20351"
    }
  },
  "description": "Cisco Firepower Threat Defense\uff08FTD\uff09\u548cCisco FirePOWER Services\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Firepower Threat Defense\u662f\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002Cisco FirePOWER Services\u662f\u79cd\u7efc\u5408\u5b89\u5168\u89e3\u51b3\u65b9\u6848\uff0c\u65e8\u5728\u589e\u5f3a\u7f51\u7edc\u5b89\u5168\u6027\u3002\n\nCisco Firepower Threat Defense\u548cCisco FirePOWER Services\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9TCP/IP\u7f51\u7edc\u6d41\u91cf\u5904\u7406\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-05986",
  "openTime": "2025-03-25",
  "patchDescription": "Cisco Firepower Threat Defense\uff08FTD\uff09\u548cCisco FirePOWER Services\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco Firepower Threat Defense\u662f\u4e00\u5957\u63d0\u4f9b\u4e0b\u4e00\u4ee3\u9632\u706b\u5899\u670d\u52a1\u7684\u7edf\u4e00\u8f6f\u4ef6\u3002Cisco FirePOWER Services\u662f\u79cd\u7efc\u5408\u5b89\u5168\u89e3\u51b3\u65b9\u6848\uff0c\u65e8\u5728\u589e\u5f3a\u7f51\u7edc\u5b89\u5168\u6027\u3002\r\n\r\nCisco Firepower Threat Defense\u548cCisco FirePOWER Services\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9TCP/IP\u7f51\u7edc\u6d41\u91cf\u5904\u7406\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Firepower Threat Defense\u548cCisco FirePOWER Services\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Cisco Firepower Threat Defense",
      "Cisco Cisco FirePOWER Services"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-20351",
  "serverity": "\u9ad8",
  "submitTime": "2024-10-31",
  "title": "Cisco Firepower Threat Defense\u548cCisco FirePOWER Services\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2024-20351 (GCVE-0-2024-20351)

Vulnerability from cvelistv5

Published

2024-10-23 17:09

Modified

2024-10-24 15:06

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.

References

URL

Tags

	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-M446vbEO
	https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300
	https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-xss-yjj7ZjVq