Vulnerability Details CVE-2024-20474
A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.
This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.
Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.2%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-20474
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.00086
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.01095
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.02028
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03049
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04043
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.04053
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.05042
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.06037
-
cpe:2.3:a:cisco:secure_client:4.10.00093
-
cpe:2.3:a:cisco:secure_client:4.10.01075
-
cpe:2.3:a:cisco:secure_client:4.10.02086
-
cpe:2.3:a:cisco:secure_client:4.10.03104
-
cpe:2.3:a:cisco:secure_client:4.10.04065
-
cpe:2.3:a:cisco:secure_client:4.10.04071
-
cpe:2.3:a:cisco:secure_client:4.10.05085
-
cpe:2.3:a:cisco:secure_client:4.10.05095
-
cpe:2.3:a:cisco:secure_client:4.10.05111
-
cpe:2.3:a:cisco:secure_client:4.10.06079
-
cpe:2.3:a:cisco:secure_client:4.10.06090
-
cpe:2.3:a:cisco:secure_client:4.10.07061
-
cpe:2.3:a:cisco:secure_client:4.10.07062
-
cpe:2.3:a:cisco:secure_client:4.10.07073
-
cpe:2.3:a:cisco:secure_client:4.10.08025
-
cpe:2.3:a:cisco:secure_client:4.10.08029
-
cpe:2.3:a:cisco:secure_client:5.0.00238
-
cpe:2.3:a:cisco:secure_client:5.0.00529
-
cpe:2.3:a:cisco:secure_client:5.0.00556
-
cpe:2.3:a:cisco:secure_client:5.0.01242
-
cpe:2.3:a:cisco:secure_client:5.0.02075
-
cpe:2.3:a:cisco:secure_client:5.0.03072
-
cpe:2.3:a:cisco:secure_client:5.0.03076
-
cpe:2.3:a:cisco:secure_client:5.0.04032
-
cpe:2.3:a:cisco:secure_client:5.0.05040
-
cpe:2.3:a:cisco:secure_client:5.1.0.136
-
cpe:2.3:a:cisco:secure_client:5.1.1.42
-
cpe:2.3:a:cisco:secure_client:5.1.2.42
-
cpe:2.3:a:cisco:secure_client:5.1.3.62