CVE-2024-20342

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. 

This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

Published: Oct 23, 2024
Updated: Aug 12, 2025
CVE: CVE-2024-20342
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.6
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / snort	3.0.0.0	3.1.74.0
cisco / firepower_threat_defense_software	7.1.0	7.1.0.x
cisco / firepower_threat_defense_software	7.3.0	7.3.0.x
cisco / firepower_threat_defense_software	-	7.0.6.2
cisco / firepower_threat_defense_software	7.2.0	7.2.6
cisco / firepower_threat_defense_software	7.4.0	7.4.2

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM

Vulnerability Database

CVE-2024-20342