Cisco Unified Threat Defense Snort Intrusion Prevention System Engine
Recent Cisco Unified Threat Defense Snort Intrusion Prevention System Engine Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2024-09-25 | Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability | September 25, 2024 |
By the Year
In 2026 there have been 0 vulnerabilities in Cisco Unified Threat Defense Snort Intrusion Prevention System Engine. Unified Threat Defense Snort Intrusion Prevention System Engine did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 3 | 7.00 |
It may take a day or so for new Unified Threat Defense Snort Intrusion Prevention System Engine vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Cisco Unified Threat Defense Snort Intrusion Prevention System Engine Security Vulnerabilities
Snort Modbus Preprocessor Integer Overflow DoS
CVE-2022-20685
7.5 - High
- November 15, 2024
A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Integer Overflow or Wraparound
CVE-2024-20508: Cisco UTD Snort IPS Engine Bypass & DoS via HTTP
CVE-2024-20508
6.5 - Medium
- September 25, 2024
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to trigger a reload of the Snort process. If the action in case of Cisco UTD Snort IPS Engine failure is set to the default, fail-open, successful exploitation of this vulnerability could allow the attacker to bypass configured security policies. If the action in case of Cisco UTD Snort IPS Engine failure is set to fail-close, successful exploitation of this vulnerability could cause traffic that is configured to be inspected by Cisco UTD Snort IPS Engine to be dropped.
Memory Corruption
CVE-2024-20363 Cisco Snort IPS HTTP Bypass
CVE-2024-20363
- May 22, 2024
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.