How severe is CVE-2024-20363?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2024-20363?

This is classified as CWE-290, which is a common weakness in software security.

CVE-2024-20363

MEDIUM Year: 2024

CVSS v3 Score

5.8

Medium

Weakness Type

CWE-290

View all →

Vulnerability Description

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.

CVE-2023-20245

MEDIUM

CVSS:5.8(Medium)

Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote a...

CWE-2902023

CVE-2023-20256

MEDIUM

CVSS:5.8(Medium)

CWE-2902023

CVE-2024-20297

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to byp...

CWE-2902024

CVE-2024-20299

MEDIUM

CVSS:5.8(Medium)

CWE-2902024

CVE-2024-20384

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote ...

CWE-2902024

CVE-2020-27276

MEDIUM

CVSS:5.7(Medium)

SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i & AnyDana-A mobile apps doesn't use adequate measures to authenticate the ...

CWE-2902020

CVE-2024-20363

Vulnerability Description

Related Vulnerabilities

CVE-2023-20245

CVE-2023-20256

CVE-2024-20297

CVE-2024-20299

CVE-2024-20384

CVE-2020-27276