{"id":"CVE-2024-20342","details":"Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. \r\n\r\nThis vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.","modified":"2026-04-02T09:54:53.495049Z","published":"2024-10-23T17:15:18.703Z","references":[{"type":"ADVISORY","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/snort3/snort3","events":[{"introduced":"0"},{"fixed":"7acc98e290fa2906737dc707d46b128070dbba93"}],"database_specific":{"versions":[{"introduced":"3.0.0.0"},{"fixed":"3.1.74.0"}]}}],"versions":["3.0.0-233","3.0.0-239","3.0.0-240","3.0.0-241","3.0.0-242","3.0.0-243","3.0.0-244","3.0.0-245","3.0.0-246","3.0.0-247","3.0.0-248","3.0.0-249","3.0.0-250","3.0.0-251","3.0.0-252","3.0.0-253","3.0.0-254","3.0.0-255","3.0.0-256","3.0.0-257","3.0.0-258","3.0.0-259","3.0.0-260","3.0.0-261","3.0.0-262","3.0.0-263","3.0.0-264","3.0.0-265","3.0.0-266","3.0.0-267","3.0.0-268","3.0.0-269","3.0.0-270","3.0.0_253","3.0.1-1","3.0.1-2","3.0.1-3","3.0.1-4","3.0.1-5","3.0.2-1","3.0.2-2","3.0.2-3","3.0.2-4","3.0.2-5","3.0.2-6","3.0.3-1","3.0.3-2","3.0.3-3","3.0.3-4","3.0.3-5","3.0.3-6","3.1.0.0","3.1.1.0","3.1.10.0","3.1.11.0","3.1.12.0","3.1.13.0","3.1.14.0","3.1.15.0","3.1.16.0","3.1.17.0","3.1.18.0","3.1.19.0","3.1.2.0","3.1.20.0","3.1.21.0","3.1.22.0","3.1.23.0","3.1.24.0","3.1.25.0","3.1.26.0","3.1.27.0","3.1.28.0","3.1.29.0","3.1.3.0","3.1.30.0","3.1.31.0","3.1.32.0","3.1.33.0","3.1.34.0","3.1.35.0","3.1.36.0","3.1.37.0","3.1.38.0","3.1.39.0","3.1.4.0","3.1.40.0","3.1.41.0","3.1.42.0","3.1.43.0","3.1.45.0","3.1.47.0","3.1.48.0","3.1.49.0","3.1.5.0","3.1.50.0","3.1.51.0","3.1.52.0","3.1.53.0","3.1.55.0","3.1.56.0","3.1.57.0","3.1.58.0","3.1.59.0","3.1.6.0","3.1.60.0","3.1.61.0","3.1.62.0","3.1.63.0","3.1.64.0","3.1.65.0","3.1.66.0","3.1.67.0","3.1.69.0","3.1.7.0","3.1.70.0","3.1.71.0","3.1.72.0","3.1.73.0","3.1.8.0","3.1.9.0","BUILD_233","BUILD_239","BUILD_240","BUILD_241","BUILD_242","BUILD_243","BUILD_247","BUILD_248"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"7.0.6.2"}]},{"events":[{"introduced":"7.2.0"},{"fixed":"7.2.6"}]},{"events":[{"introduced":"7.4.0"},{"fixed":"7.4.2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-20342.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N"}]}