Vulnerabilities > Cisco > Unified Threat Defense Snort Intrusion Prevention System Engine

DATE CVE VULNERABILITY TITLE RISK
2024-09-25 CVE-2024-20508 Out-of-bounds Write vulnerability in Cisco Unified Threat Defense Snort Intrusion Prevention System Engine
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine.
network
low complexity
cisco CWE-787
6.5