CVE-2024-20363 | Cisco Open Source Snort HTTP Intrusion Prevention System Rule authentication spoofing (cisco-sa-snort3-ips-bypass-uE69KBMd)

Inserito da Angelo Barbosa | Mag 22, 2024 | CVE

A vulnerability was found in Cisco Open Source Snort, FirePOWER, Firepower Threat Defense Software and IOS XE. It has been rated as critical. This issue affects some unknown processing of the component HTTP Intrusion Prevention System Rule. The manipulation leads to authentication bypass by spoofing.

The identification of this vulnerability is CVE-2024-20363. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-20363 | Cisco Open Source Snort HTTP Intrusion Prevention System Rule authentication spoofing (cisco-sa-snort3-ips-bypass-uE69KBMd)

Post correlati

CVE-2024-27042 | Linux Kernel up to 6.6.22/6.7.10/6.8.1 amdgpu_discovery_reg_base_init out-of-bounds

CVE-2024-1656 | Octopus Server up to 2024.2.2075 Content Security Policy ui layer

CVE-2024-29997 | Microsoft Windows up to Server 2022 23H2 Mobile Broadband Driver integer overflow

CVE-2023-33757 | SpliceCom iPCS/iPCS2 certificate validation