Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-20407
Analyzed
More InfoOfficial Page
Source-psirt@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-23 Oct, 2024 | 18:15
Updated At-05 Aug, 2025 | 14:53

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.8MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.1
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.2
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.3
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.4
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.5
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.6
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.7
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.8
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.9
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.10
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.11
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.12
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.13
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.14
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.15
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.16
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.17
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.2.3.18
cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.1
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.2
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.3
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.4
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.5
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.6
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.7
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.8
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.9
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.10
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.11
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.12
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.13
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.14
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.15
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.16
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.17
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.17:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.4.0.18
cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.18:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.0
cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.0.1
cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.1
cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.3
cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.4
cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.5
cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.5.1
cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.5.2
cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.7
cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.7.1
cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.6.7.2
cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>firepower_threat_defense>>6.7.0
cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Secondarypsirt@cisco.com
NVD-CWE-noinfoPrimarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fXpsirt@cisco.com
Vendor Advisory
Change History
0Changes found
Details not found