Cisco ASA and FTD Denial of Service Vulnerability

Added April 24, 2024 • Due May 1, 2024 • CVE-2024-20353

Overdue Cisco / Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) CWE-835

Description

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an infinite loop vulnerability that can lead to remote denial of service condition.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2
https://nvd.nist.gov/vuln/detail/CVE-2024-20353

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 6 months, 3 weeks ago