CVE-2024-20493
CVE-2024-20493 is a medium-severity vulnerability in Cisco Firepower Threat Defense Software with a CVSS 3.x base score of 5.3. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-772.
Key facts
- Severity: Medium (CVSS 3.x base score 5.3)
- EPSS exploit prediction: 1% (41st percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2024-18208
- Weakness: CWE-772
- Affected product: Cisco Firepower Threat Defense Software
- Published:
- Last modified:
Description
A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny further VPN user authentications for several minutes, resulting in a temporary denial of service (DoS) condition. This vulnerability is due to ineffective handling of memory resources during the authentication process. An attacker could exploit this vulnerability by sending crafted packets, which could cause resource exhaustion of the authentication process. A successful exploit could allow the attacker to deny authentication for Remote Access SSL VPN users for several minutes, resulting in a temporary DoS condition.
Frequently asked questions
- What is CVE-2024-20493?
- A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to deny further VPN user authentications for several minutes, resulting in a temporary denial of service (DoS) condition. This vulnerability is due to ineffective handling of memory resources during the authentication process. An attacker could exploit this vulnerability by sending crafted packets, which could cause resource exhaustion of the authentication process. A successful exploit could allow the attacker to deny authentication for Remote Access SSL VPN users for several minutes, resulting in a temporary DoS condition.
- How severe is CVE-2024-20493?
- CVE-2024-20493 has a CVSS 3.x base score of 5.3, rated medium severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability low.
- Is CVE-2024-20493 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (41st percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2024-20493?
- CVE-2024-20493 primarily affects Cisco Firepower Threat Defense Software. In total, 294 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2024-20493?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2024-20493 have an EU (EUVD) identifier?
- Yes. CVE-2024-20493 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2024-18208.
- When was CVE-2024-20493 published?
- CVE-2024-20493 was published on 2024-10-23 and last updated on 2026-06-17.
References
Affected products (294)
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.13:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.15:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.16:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.17:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.2.3.18:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.4.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:firepower_threat_defense_software:6.6.0.1:*:*:*:*:*:*:*
More vulnerabilities in Cisco Firepower Threat Defense Software
- CVE-2026-20103 — High (CVSS 8.6): A vulnerability in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA)…
- CVE-2026-20101 — High (CVSS 8.6): A vulnerability in the SAML 2.0 single sign-on (SSO) feature of Cisco Secure Firewall ASA Software and Secure FTD…
- CVE-2026-20039 — High (CVSS 8.6): A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco…
- CVE-2024-20426 — High (CVSS 8.6): A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive Security…
- CVE-2024-20351 — High (CVSS 8.6): A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense…
- CVE-2024-20339 — High (CVSS 8.6): A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100…
All CVEs affecting Cisco Firepower Threat Defense Software →
Other CWE-772 vulnerabilities
- CVE-2020-12134 — Critical (CVSS 9.8): Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log.
- CVE-2017-15032 — Critical (CVSS 9.8): ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
- CVE-2017-14138 — Critical (CVSS 9.8): ImageMagick 7.0.6-5 has a memory leak vulnerability in ReadWEBPImage in coders/webp.c because memory is not freed in…
- CVE-2017-11641 — Critical (CVSS 9.8): GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixel_cache.c during writing of Magick…
- CVE-2020-14339 — High (CVSS 8.8): A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This…
- CVE-2018-19760 — High (CVSS 8.8): cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak.