CVE-2024-20342

Medium

Published: 23 October 2024

Modified: 11 August 2025
KEV Added
Patch
CVSS Score v3.1: 5.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L)
EPSS Score: 0.0005 (17.1th percentile)
Risk Priority: 12 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-20342 is a medium-severity Comparison Using Wrong Factors (CWE-1025) vulnerability in Cisco Firepower Threat Defense Software. Its CVSS base score is 5.8 (Medium).

Operationally, it ranks at the 17.1th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

Vulnerability details

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco snort: 3.0.0.0 — 3.1.74.0
cisco firepower threat defense software: 7.1.0, 7.3.0 · ≤ 7.0.6.2 · 7.2.0 — 7.2.6 · 7.4.0 — 7.4.2

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
