Description
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System (IPS) rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.
Scores
CVSS v3
5.8
EPSS
0.0014
EPSS Percentile
34.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-290
Status
published
Products (6)
cisco/firepower_threat_defense
7.4.0
cisco/snort
3.0.0-233 - 3.1.69.0
cisco/unified_threat_defense_snort_intrusion_prevention_system_engine
17.6.4
cisco/unified_threat_defense_snort_intrusion_prevention_system_engine
17.6.5
cisco/unified_threat_defense_snort_intrusion_prevention_system_engine
17.12.1a
cisco/unified_threat_defense_snort_intrusion_prevention_system_engine
17.12.2
Published
May 22, 2024
Tracked Since
Feb 18, 2026