PT-2024-3049 · Cisco · Cisco Asa+1

Published: 2024-04-24 · Updated: 2026-05-03 · CVE-2024-20353

CVSS v3.1: 8.6 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Adaptive Security Appliance (ASA) (affected versions not specified)
Cisco Firepower Threat Defense (FTD) (affected versions not specified)

Description

A flaw in the management and VPN web servers of the affected software allows an unauthenticated remote attacker to cause a denial of service (DoS) condition. The issue stems from incomplete error checking when parsing an HTTP header or the execution of a loop with an unreachable exit condition. An attacker can trigger an unexpected device reload by sending a specially crafted HTTP request to a targeted web server on the device.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Infinite Loop

Weakness Enumeration

Related Identifiers

BDU:2024-03233
CVE-2024-20353

Affected Products

Cisco ASA
Cisco FTD