Cisco ASA/FTD SSL VPN DoS via crafted SSL/TLS
CVE-2024-20402 Published on October 23, 2024
A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory management when the device is handling SSL VPN connections. An attacker could exploit this vulnerability by sending crafted SSL/TLS packets to the SSL VPN server of the affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Vulnerability Analysis
CVE-2024-20402 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH
Weakness Type
Access of Memory Location After End of Buffer
The software reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer. This typically occurs when a pointer or its index is decremented to a position before the buffer; when pointer arithmetic results in a position before the buffer; or when a negative index is used, which generates a position before the buffer.
Products Associated with CVE-2024-20402
Want to know whenever a new CVE is published for Cisco products? stack.watch will email you.
Affected Versions
Cisco Adaptive Security Appliance (ASA) Software:- Version 9.8.1 is affected.
- Version 9.8.1.5 is affected.
- Version 9.8.1.7 is affected.
- Version 9.8.2 is affected.
- Version 9.8.2.8 is affected.
- Version 9.8.2.14 is affected.
- Version 9.8.2.15 is affected.
- Version 9.8.2.17 is affected.
- Version 9.8.2.20 is affected.
- Version 9.8.2.24 is affected.
- Version 9.8.2.26 is affected.
- Version 9.8.2.28 is affected.
- Version 9.8.2.33 is affected.
- Version 9.8.2.35 is affected.
- Version 9.8.2.38 is affected.
- Version 9.8.3.8 is affected.
- Version 9.8.3.11 is affected.
- Version 9.8.3.14 is affected.
- Version 9.8.3.16 is affected.
- Version 9.8.3.18 is affected.
- Version 9.8.3.21 is affected.
- Version 9.8.3 is affected.
- Version 9.8.3.26 is affected.
- Version 9.8.3.29 is affected.
- Version 9.8.4 is affected.
- Version 9.8.4.3 is affected.
- Version 9.8.4.7 is affected.
- Version 9.8.4.8 is affected.
- Version 9.8.4.10 is affected.
- Version 9.8.4.12 is affected.
- Version 9.8.4.15 is affected.
- Version 9.8.4.17 is affected.
- Version 9.8.2.45 is affected.
- Version 9.8.4.25 is affected.
- Version 9.8.4.20 is affected.
- Version 9.8.4.22 is affected.
- Version 9.8.4.26 is affected.
- Version 9.8.4.29 is affected.
- Version 9.8.4.32 is affected.
- Version 9.8.4.33 is affected.
- Version 9.8.4.34 is affected.
- Version 9.8.4.35 is affected.
- Version 9.8.4.39 is affected.
- Version 9.8.4.40 is affected.
- Version 9.8.4.41 is affected.
- Version 9.8.4.43 is affected.
- Version 9.8.4.44 is affected.
- Version 9.8.4.45 is affected.
- Version 9.8.4.46 is affected.
- Version 9.8.4.48 is affected.
- Version 9.12.1 is affected.
- Version 9.12.1.2 is affected.
- Version 9.12.1.3 is affected.
- Version 9.12.2 is affected.
- Version 9.12.2.4 is affected.
- Version 9.12.2.5 is affected.
- Version 9.12.2.9 is affected.
- Version 9.12.3 is affected.
- Version 9.12.3.2 is affected.
- Version 9.12.3.7 is affected.
- Version 9.12.4 is affected.
- Version 9.12.3.12 is affected.
- Version 9.12.3.9 is affected.
- Version 9.12.2.1 is affected.
- Version 9.12.4.2 is affected.
- Version 9.12.4.4 is affected.
- Version 9.12.4.7 is affected.
- Version 9.12.4.10 is affected.
- Version 9.12.4.13 is affected.
- Version 9.12.4.8 is affected.
- Version 9.12.4.18 is affected.
- Version 9.12.4.24 is affected.
- Version 9.12.4.26 is affected.
- Version 9.12.4.29 is affected.
- Version 9.12.4.30 is affected.
- Version 9.12.4.35 is affected.
- Version 9.12.4.37 is affected.
- Version 9.12.4.38 is affected.
- Version 9.12.4.39 is affected.
- Version 9.12.4.40 is affected.
- Version 9.12.4.41 is affected.
- Version 9.12.4.47 is affected.
- Version 9.12.4.48 is affected.
- Version 9.12.4.50 is affected.
- Version 9.12.4.52 is affected.
- Version 9.12.4.54 is affected.
- Version 9.12.4.55 is affected.
- Version 9.12.4.56 is affected.
- Version 9.12.4.58 is affected.
- Version 9.12.4.62 is affected.
- Version 9.12.4.65 is affected.
- Version 9.12.4.67 is affected.
- Version 9.14.1 is affected.
- Version 9.14.1.10 is affected.
- Version 9.14.1.6 is affected.
- Version 9.14.1.15 is affected.
- Version 9.14.1.19 is affected.
- Version 9.14.1.30 is affected.
- Version 9.14.2 is affected.
- Version 9.14.2.4 is affected.
- Version 9.14.2.8 is affected.
- Version 9.14.2.13 is affected.
- Version 9.14.2.15 is affected.
- Version 9.14.3 is affected.
- Version 9.14.3.1 is affected.
- Version 9.14.3.9 is affected.
- Version 9.14.3.11 is affected.
- Version 9.14.3.13 is affected.
- Version 9.14.3.18 is affected.
- Version 9.14.3.15 is affected.
- Version 9.14.4 is affected.
- Version 9.14.4.6 is affected.
- Version 9.14.4.7 is affected.
- Version 9.14.4.12 is affected.
- Version 9.14.4.13 is affected.
- Version 9.14.4.14 is affected.
- Version 9.14.4.15 is affected.
- Version 9.14.4.17 is affected.
- Version 9.14.4.22 is affected.
- Version 9.14.4.23 is affected.
- Version 9.14.4.24 is affected.
- Version 9.15.1 is affected.
- Version 9.15.1.7 is affected.
- Version 9.15.1.10 is affected.
- Version 9.15.1.15 is affected.
- Version 9.15.1.16 is affected.
- Version 9.15.1.17 is affected.
- Version 9.15.1.1 is affected.
- Version 9.15.1.21 is affected.
- Version 9.16.1 is affected.
- Version 9.16.1.28 is affected.
- Version 9.16.2 is affected.
- Version 9.16.2.3 is affected.
- Version 9.16.2.7 is affected.
- Version 9.16.2.11 is affected.
- Version 9.16.2.13 is affected.
- Version 9.16.2.14 is affected.
- Version 9.16.3 is affected.
- Version 9.16.3.3 is affected.
- Version 9.16.3.14 is affected.
- Version 9.16.3.15 is affected.
- Version 9.16.3.19 is affected.
- Version 9.16.3.23 is affected.
- Version 9.16.4 is affected.
- Version 9.16.4.9 is affected.
- Version 9.16.4.14 is affected.
- Version 9.16.4.18 is affected.
- Version 9.16.4.19 is affected.
- Version 9.16.4.27 is affected.
- Version 9.16.4.38 is affected.
- Version 9.16.4.39 is affected.
- Version 9.16.4.42 is affected.
- Version 9.16.4.48 is affected.
- Version 9.16.4.55 is affected.
- Version 9.16.4.57 is affected.
- Version 9.16.4.61 is affected.
- Version 9.17.1 is affected.
- Version 9.17.1.7 is affected.
- Version 9.17.1.9 is affected.
- Version 9.17.1.10 is affected.
- Version 9.17.1.11 is affected.
- Version 9.17.1.13 is affected.
- Version 9.17.1.15 is affected.
- Version 9.17.1.20 is affected.
- Version 9.17.1.30 is affected.
- Version 9.17.1.33 is affected.
- Version 9.17.1.39 is affected.
- Version 9.18.1 is affected.
- Version 9.18.1.3 is affected.
- Version 9.18.2 is affected.
- Version 9.18.2.5 is affected.
- Version 9.18.2.7 is affected.
- Version 9.18.2.8 is affected.
- Version 9.18.3 is affected.
- Version 9.18.3.39 is affected.
- Version 9.18.3.46 is affected.
- Version 9.18.3.53 is affected.
- Version 9.18.3.55 is affected.
- Version 9.18.3.56 is affected.
- Version 9.18.4 is affected.
- Version 9.18.4.5 is affected.
- Version 9.18.4.8 is affected.
- Version 9.18.4.22 is affected.
- Version 9.18.4.24 is affected.
- Version 9.18.4.29 is affected.
- Version 9.19.1 is affected.
- Version 9.19.1.5 is affected.
- Version 9.19.1.9 is affected.
- Version 9.19.1.12 is affected.
- Version 9.19.1.18 is affected.
- Version 9.19.1.22 is affected.
- Version 9.19.1.24 is affected.
- Version 9.19.1.27 is affected.
- Version 9.19.1.28 is affected.
- Version 9.19.1.31 is affected.
- Version 6.2.3 is affected.
- Version 6.2.3.1 is affected.
- Version 6.2.3.2 is affected.
- Version 6.2.3.3 is affected.
- Version 6.2.3.4 is affected.
- Version 6.2.3.5 is affected.
- Version 6.2.3.6 is affected.
- Version 6.2.3.7 is affected.
- Version 6.2.3.8 is affected.
- Version 6.2.3.10 is affected.
- Version 6.2.3.11 is affected.
- Version 6.2.3.9 is affected.
- Version 6.2.3.12 is affected.
- Version 6.2.3.13 is affected.
- Version 6.2.3.14 is affected.
- Version 6.2.3.15 is affected.
- Version 6.2.3.16 is affected.
- Version 6.2.3.17 is affected.
- Version 6.2.3.18 is affected.
- Version 6.6.0 is affected.
- Version 6.6.0.1 is affected.
- Version 6.6.1 is affected.
- Version 6.6.3 is affected.
- Version 6.6.4 is affected.
- Version 6.6.5 is affected.
- Version 6.6.5.1 is affected.
- Version 6.6.5.2 is affected.
- Version 6.6.7 is affected.
- Version 6.6.7.1 is affected.
- Version 6.6.7.2 is affected.
- Version 6.4.0 is affected.
- Version 6.4.0.1 is affected.
- Version 6.4.0.3 is affected.
- Version 6.4.0.2 is affected.
- Version 6.4.0.4 is affected.
- Version 6.4.0.5 is affected.
- Version 6.4.0.6 is affected.
- Version 6.4.0.7 is affected.
- Version 6.4.0.8 is affected.
- Version 6.4.0.9 is affected.
- Version 6.4.0.10 is affected.
- Version 6.4.0.11 is affected.
- Version 6.4.0.12 is affected.
- Version 6.4.0.13 is affected.
- Version 6.4.0.14 is affected.
- Version 6.4.0.15 is affected.
- Version 6.4.0.16 is affected.
- Version 6.4.0.17 is affected.
- Version 6.4.0.18 is affected.
- Version 6.7.0 is affected.
- Version 6.7.0.1 is affected.
- Version 6.7.0.2 is affected.
- Version 6.7.0.3 is affected.
- Version 7.0.0 is affected.
- Version 7.0.0.1 is affected.
- Version 7.0.1 is affected.
- Version 7.0.1.1 is affected.
- Version 7.0.2 is affected.
- Version 7.0.2.1 is affected.
- Version 7.0.3 is affected.
- Version 7.0.4 is affected.
- Version 7.0.5 is affected.
- Version 7.0.6 is affected.
- Version 7.0.6.1 is affected.
- Version 7.0.6.2 is affected.
- Version 7.1.0 is affected.
- Version 7.1.0.1 is affected.
- Version 7.1.0.2 is affected.
- Version 7.1.0.3 is affected.
- Version 7.2.0 is affected.
- Version 7.2.0.1 is affected.
- Version 7.2.1 is affected.
- Version 7.2.2 is affected.
- Version 7.2.3 is affected.
- Version 7.2.4 is affected.
- Version 7.2.4.1 is affected.
- Version 7.2.5 is affected.
- Version 7.2.5.1 is affected.
- Version 7.2.6 is affected.
- Version 7.2.7 is affected.
- Version 7.2.5.2 is affected.
- Version 7.2.8 is affected.
- Version 7.2.8.1 is affected.
- Version 7.3.0 is affected.
- Version 7.3.1 is affected.
- Version 7.3.1.1 is affected.
- Version 7.3.1.2 is affected.
- Version 9.8.1, <= 9.8.4.48 is affected.
- Version 9.12.1, <= 9.12.4.67 is affected.
- Version 9.14.1, <= 9.14.4.24 is affected.
- Version 9.15.1, <= 9.15.1.21 is affected.
- Version 9.16.1, <= 9.16.4.61 is affected.
- Version 9.17.1, <= 9.17.1.39 is affected.
- Version 9.18.1, <= 9.18.4.29 is affected.
- Version 9.19.1, <= 9.19.1.31 is affected.
- Version 6.2.3, <= 6.2.3.18 is affected.
- Version 6.4.0, <= 6.4.0.18 is affected.
- Version 6.6.0, <= 6.6.7.2 is affected.
- Version 6.7.0, <= 6.7.0.3 is affected.
- Version 7.0.0, <= 7.0.6.2 is affected.
- Version 7.1.0, <= 7.1.0.3 is affected.
- Version 7.2.0, <= 7.2.8.1 is affected.
- Version 7.3.0, <= 7.3.1.2 is affected.
Exploit Probability
EPSS
0.84%
Percentile
74.55%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.