CVE-2024-20402

HIGH Year: 2024
CVSS v3 Score
8.6
High
Weakness Type
CWE-788
View all →

Vulnerability Description

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Related Vulnerabilities

CVE-2024-20330

HIGH
CVSS:8.6(High)

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remo...

CWE-7882024

CVE-2021-21103

HIGH
CVSS:8.8(High)

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to di...

CWE-7882021

CVE-2021-21104

HIGH
CVSS:8.8(High)

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to re...

CWE-7882021

CVE-2021-21105

HIGH
CVSS:8.8(High)

Adobe Illustrator version 25.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to ac...

CWE-7882021

CVE-2021-32629

HIGH
CVSS:8.8(High)

Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the C...

CWE-7882021

CVE-2023-25506

HIGH
CVSS:8.2(High)

NVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code ...

CWE-7882023