CVE-2024-20261

MEDIUM

Cisco Firepower Threat Defense - Info Disclosure

Title source: llm

Description

A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device.

References (1)

Core 1

Core References

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN

Scores

CVSS v3 5.8

EPSS 0.0019

EPSS Percentile 40.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (50)

cisco/firepower_threat_defense 6.2.3

cisco/firepower_threat_defense 6.2.3.1

cisco/firepower_threat_defense 6.2.3.2

cisco/firepower_threat_defense 6.2.3.3

cisco/firepower_threat_defense 6.2.3.4

cisco/firepower_threat_defense 6.2.3.5

cisco/firepower_threat_defense 6.2.3.6

cisco/firepower_threat_defense 6.2.3.7

cisco/firepower_threat_defense 6.2.3.8

cisco/firepower_threat_defense 6.2.3.9

... and 40 more

Published May 22, 2024

Tracked Since Feb 18, 2026