CVE-2024-20261

{"id": "CVE-2024-20261", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-05-22T17:16:12.873", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-archive-bypass-z4wQjwcN", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a logic error when a specific class of encrypted archive files is inspected. An attacker could exploit this vulnerability by sending a crafted, encrypted archive file through the affected device. A successful exploit could allow the attacker to send an encrypted archive file, which could contain malware and should have been blocked and dropped at the Cisco FTD device."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n de pol\u00edtica de archivos que se utiliza para inspeccionar archivos cifrados del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado omita una pol\u00edtica de archivos configurada para bloquear un archivo cifrado. Esta vulnerabilidad existe debido a un error l\u00f3gico cuando se inspecciona una clase espec\u00edfica de archivos cifrados. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un archivo cifrado y manipulado a trav\u00e9s del dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante enviar un archivo cifrado, que podr\u00eda contener malware y deber\u00eda haber sido bloqueado y colocado en el dispositivo FTD de Cisco."}], "lastModified": "2025-07-30T19:11:18.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FAD2427-82A3-4E64-ADB5-FA4F40B568F9"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08D5A647-AC21-40AC-8B3C-EE5D3EDA038A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BAE999A-5244-46CF-8C12-D68E789BDEE1"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6468D3D-C5A7-4FAE-B4B9-AD862CD11055"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6E4808D-592E-46A6-A83A-A46227D817B8"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AB45136-ACCD-4230-8975-0EBB30D5B375"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2C39AC1-1B96-4253-9FC8-4CC26D6261F4"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE9102C8-F211-4E50-967F-FD51C7FC904F"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4933642-89E5-4909-AD3C-862CD3B77790"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9A6C776-79B3-47ED-B013-100B8F08E1C4"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E504F28A-44CE-4B3E-9330-6A98728E3AEC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA0DD43-D206-4C1C-8B17-DA47F96B3BAC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1983172D-4F52-479F-BF14-A84B92D36864"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4122D982-A57A-4249-A8DC-CE9FC6C98803"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96464380-F665-4266-B0AD-693E078C9F82"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C230B8A-570D-4F58-83E1-AFA50B813EA4"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD3F39CB-C4C2-4B13-94F0-9E44322314BD"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59A71873-0EB2-418F-AE33-8474A1010FA5"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E6BD0EE-649E-4ED6-A09C-8364335DEF52"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1AE11554-FE3C-4C8B-8986-5D88E4967342"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1C11983-22A8-4859-A240-571A7815FF54"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24CD0B0A-2B91-45DD-9522-8D1D3850CC9B"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7026F0E-72A7-4CDF-BADC-E34FE6FADC51"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63B85369-FBAE-456C-BC99-5418B043688A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86434346-D5F0-49BA-803E-244C3266E361"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2FA7B3C-002D-4755-B323-CA24B770A5B9"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1CB7EBC-F3D5-4855-A8D8-BA5AB21FD719"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2A5530C-DF29-421B-9712-3454C1769446"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41170977-FEEA-4B51-BF98-8493096CD691"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B05791F9-0B31-4C4C-A9BA-9268CAA45FB2"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D975CBA-7F01-4A4C-991B-9571410C4F07"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6D7AF29-4E08-4BFD-AFE0-994309E66F08"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2EFA476-5021-4A00-859E-1643009D6156"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6E3A5DC-A237-46E4-A4E5-F135482F984A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20AE4051-FA3B-4F0B-BD3D-083A14269FF6"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46A42D07-FF3E-41B4-BA39-3A5BDA4E0E61"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3985EA37-2B77-45F2-ABA5-5CCC7B35CA2E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67FB5ABE-3C40-4C58-B91F-0621C2180FAC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53909FD6-EC74-4D2F-99DA-26E70400B53F"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55FE024D-0D43-40AD-9645-8C54ECF17824"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC411A8D-CD39-46F5-B8FC-6753E618FAEC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D46E2E00-BA86-4002-B67B-2C1A6C1AAAE0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91AD8BA2-EB8D-4D8B-B707-AF5C2A831998"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FA95508-0A28-4D4A-81A7-5CDD1F5DA46C"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "828E3DE1-B62E-4FEC-AAD3-EB0E452C9CBC"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "596EC5DD-D7F4-44C8-B4B5-E2DC142FC486"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C356E0E6-5B87-40CF-996E-6FFEDFD82A31"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F3C12D3-7662-46C5-9E88-D1BE6CF605E0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "046B53A0-6BC1-461A-9C28-C534CE12C4BD"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CA889E1-4E8F-4ECE-88AC-7A240D5CBF0A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D1C767F-3E06-43B7-A0CC-D51D97A053EB"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43A950B0-A7CA-4CE7-A393-A18C8C41B08E"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7E221CB-BD0F-4AEE-8646-998B75647714"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "225382DE-2919-48F4-9CC0-DE685EAAFDF4"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBA2DFE7-F478-46EC-9832-4B2C738FC879"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "469EA365-DED5-4436-AAC2-5553529DE700"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5364CB94-BEA3-4E9A-A2F9-EE96A2D7F8AB"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16FD5D12-CF1A-4990-99B3-1840EFBA5611"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCD2D11D-FF08-44E4-BF67-D8DD1E701FCD"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F788D156-1F1F-4A08-848B-257BC4CCE000"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "795ED164-7800-4D50-8E37-665BE30190D9"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B0664B8-1670-4F47-A01E-089D05A9618A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6826018-5620-4924-BE92-6A245378F610"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBC0C3DC-4761-488A-90A9-6EA45EE61526"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62EE065B-F8B6-4125-8486-B2EE0566B27A"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5245DEF8-64BE-47C9-AA3C-DF3F7F92A89F"}, {"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5A52991-802D-46FB-A508-5616BA1CEB78"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}