CVE-2024-20261
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.4 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.5 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.6 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.7 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.8 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.10 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.11 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.9 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.12 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.13 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.14 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.15 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.16 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.17 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.2.3.18 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.4 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.5 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.5.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.5.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.7 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.7.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.6.7.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.4 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.5 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.6 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.7 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.8 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.9 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.10 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.11 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.12 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.13 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.14 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.15 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.4.0.16 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.7.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.7.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.7.0.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 6.7.0.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.1.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.2.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.4 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.0.5 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.1.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.1.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.1.0.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.2.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.2.0.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.2.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.2.2 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.2.3 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.2.4 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.3.0 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.3.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.3.1.1 | affected |
| Cisco | Cisco Firepower Threat Defense Software | 7.3.1.2 | affected |
Weaknesses
- CWE-284: Improper Access Control
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.