How severe is CVE-2024-20465?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2024-20465?

This is classified as CWE-284, which is a common weakness in software security.

CVE-2024-20465

MEDIUM Year: 2024

CVSS v3 Score

5.8

Medium

Weakness Type

CWE-284

View all →

Vulnerability Description

A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

CVE-2018-11456

MEDIUM

CVSS:5.8(Medium)

A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine wh...

CWE-2842018

CVE-2019-12627

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensiti...

CWE-2842019

CVE-2019-1686

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass prot...

CWE-2842019

CVE-2020-3312

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive d...

CWE-2842020

CVE-2020-3448

MEDIUM

CVSS:5.8(Medium)

A vulnerability in an access control mechanism of Cisco Cyber Vision Center Software could allow an unauthenticated, remote attacker to bypass authentication and access internal services that are runn...

CWE-2842020

CVE-2020-3564

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to by...

CWE-2842020

CVE-2024-20465

Vulnerability Description

Related Vulnerabilities

CVE-2018-11456

CVE-2019-12627

CVE-2019-1686

CVE-2020-3312

CVE-2020-3448

CVE-2020-3564