CVE-2024-20260

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Virtual Appliance (ASAv) (affected versions not specified) Cisco Secure Firewall Threat Defense Virtual (FTDv) (affected versions not specified)

Description: A vulnerability in the VPN and management web servers of the affected platforms could allow an unauthenticated, remote attacker to cause the virtual devices to run out of system memory. This is due to a lack of proper memory management for new incoming SSL/TLS connections. An attacker could exploit this vulnerability by sending a large number of new incoming SSL/TLS connections to the targeted virtual platform, resulting in a denial of service (DoS) condition. The memory could be reclaimed slowly if the attack traffic is stopped, but a manual reload may be required to restore operations quickly.

Recommendations: For Cisco Adaptive Security Virtual Appliance (ASAv), at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco Secure Firewall Threat Defense Virtual (FTDv), at the moment, there is no information about a newer version that contains a fix for this vulnerability.