Cisco Unified Threat Defense

Recent Cisco Unified Threat Defense Security Advisories

| Advisory | Title | Published |
| --- | --- | --- |
| 2024-09-25 | Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability | September 25, 2024 |
| 2024-03-27 | Cisco IOS XE Software Unified Threat Defense Command Injection Vulnerability | March 27, 2024 |
| 2023-09-27 | Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability | September 27, 2023 |

By the Year

In 2025 there have been 0 vulnerabilities in Cisco Unified Threat Defense. Unified Threat Defense did not have any published security vulnerabilities last year.

| Year | Vulnerabilities | Average Score |
| --- | --- | --- |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 2 | 5.55 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 7.50 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |

It may take a day or so for new Unified Threat Defense vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Cisco Unified Threat Defense Security Vulnerabilities

Multiple Cisco products are affected by a vulnerability in Snort access control policies

CVE-2023-20246 5.3 - Medium - November 01, 2023

Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.

Multiple Cisco products are affected by a vulnerability in the Snort detection engine

CVE-2023-20071 5.8 - Medium - November 01, 2023

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic

CVE-2021-40114 7.5 - High - October 27, 2021

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

Memory Leak
