Skip to main content

Firepower Threat Defense Software CVE-2024-20481

MEDIUM
Missing Release of Resource after Effective Lifetime (CWE-772)
2024-10-23 psirt@cisco.com
5.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.8 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

2
Added to CISA KEV
Jul 14, 2026 - 04:22 CISA
CVE Published
Oct 23, 2024 - 18:15 nvd
MEDIUM 5.8

DescriptionNVD

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected. Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials.

AnalysisAI

A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-772. A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service. This vulnerability is due to resource exhaustion. An attacker could exploit this vulnerability by sending a large number of VPN authentication requests to an affected device. A successful exploit could allow the attacker to exhaust resources, resulting in a DoS of the RAVPN service on the affected device. Depending on the impact of the attack, a reload of the device may be required to restore the RAVPN service. Services that are not related to VPN are not affected. Cisco Talos discussed these attacks in the blog post Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials. Affected products include: Cisco Firepower Threat Defense Software, Cisco Adaptive Security Appliance Software.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-20426 HIGH
8.6 Oct 23

A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security A

CVE-2024-20342 HIGH
8.6 Oct 23

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that

CVE-2024-20351 HIGH
7.5 Oct 23

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense

CVE-2024-20339 HIGH
7.5 Oct 23

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100

CVE-2024-20485 MEDIUM
6.7 Oct 23

A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Def

CVE-2024-20358 MEDIUM
6.7 Apr 24

A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Soft

CVE-2024-20341 MEDIUM
6.1 Oct 23

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Fir

CVE-2024-20331 MEDIUM
5.9 Oct 23

A vulnerability in the session authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Secur

CVE-2026-20024 MEDIUM
5.7 Mar 04

OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software is affected by buffer overflow (CVSS 6

CVE-2024-20493 MEDIUM
5.3 Oct 23

A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Securit

Share

CVE-2024-20481 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy