← Back

CVE-2021-1223

nvd nist
Published: Jan 13, 2021Modified: Nov 26, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Affected (6)

Cisco
3 products
Firepower Threat Defense
Secure Firewall Management Center
Ios Xe
Snort
1 product
Snort
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Firepower Threat Defense
Before 6.7.0
Cisco
Secure Firewall Management Center
Version 2.9.14.0
Secure Firewall Management Center
Version 2.9.15
Secure Firewall Management Center
Version 2.9.16
Configuration B
1 vulnerable · 15 platform
Vulnerable SoftwareAffected Versions
Ios Xe
Before 17.4.1
Running on/withPlatform Versions
Cisco
1100 4p Integrated Services Router
All versions
Cisco
1100 8p Integrated Services Router
All versions
Cisco
1101 4p Integrated Services Router
All versions
Cisco
1109 2p Integrated Services Router
All versions
Cisco
1109 4p Integrated Services Router
All versions
Cisco
1111x 8p Integrated Services Router
All versions
Cisco
4221 Integrated Services Router
All versions
Cisco
4321 Integrated Services Router
All versions
Cisco
4331 Integrated Services Router
All versions
Cisco
4351 Integrated Services Router
All versions
Cisco
4431 Integrated Services Router
All versions
Cisco
4451 X Integrated Services Router
All versions
Cisco
4461 Integrated Services Router
All versions
Cisco
Csr 1000v
All versions
Cisco
Isa 3000
All versions
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Snort
Before 2.9.17

Related CWEs

CWE-693
Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.