← Back

CVE-2021-1224

nvd nist
Published: Jan 13, 2021Modified: Nov 26, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Affected (21)

Cisco
15 products
Firepower Threat Defense
Secure Firewall Management Center
Ios Xe
Meraki Mx64 Firmware
Meraki Mx64w Firmware
Meraki Mx67 Firmware
Meraki Mx67c Firmware
Meraki Mx67w Firmware
Meraki Mx68 Firmware
Meraki Mx68cw Firmware
Meraki Mx68w Firmware
Meraki Mx100 Firmware
Meraki Mx84 Firmware
Meraki Mx250 Firmware
Meraki Mx450 Firmware
Snort
1 product
Snort
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Firepower Threat Defense
Before 6.7.0
Cisco
Secure Firewall Management Center
Version 2.9.14.0
Secure Firewall Management Center
Version 2.9.15
Secure Firewall Management Center
Version 2.9.16
Secure Firewall Management Center
Version 2.9.17
Secure Firewall Management Center
Version 2.9.18
Secure Firewall Management Center
Version 3.0.1
Configuration B
1 vulnerable · 15 platform
Vulnerable SoftwareAffected Versions
Ios Xe
Before 17.4.1
Running on/withPlatform Versions
Cisco
1100 4p Integrated Services Router
All versions
Cisco
1100 8p Integrated Services Router
All versions
Cisco
1101 4p Integrated Services Router
All versions
Cisco
1109 2p Integrated Services Router
All versions
Cisco
1109 4p Integrated Services Router
All versions
Cisco
1111x 8p Integrated Services Router
All versions
Cisco
4221 Integrated Services Router
All versions
Cisco
4321 Integrated Services Router
All versions
Cisco
4331 Integrated Services Router
All versions
Cisco
4351 Integrated Services Router
All versions
Cisco
4431 Integrated Services Router
All versions
Cisco
4451 X Integrated Services Router
All versions
Cisco
4461 Integrated Services Router
All versions
Cisco
Csr 1000v
All versions
Cisco
Isa 3000
All versions
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Snort
Before 2.9.17
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx64 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx64
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx64w Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx64w
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx67 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx67
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx67c Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx67c
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx67w Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx67w
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx68 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx68
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx68cw Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx68cw
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx68w Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx68w
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx100 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx100
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx84 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx84
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx250 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx250
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meraki Mx450 Firmware
All versions
Running on/withPlatform Versions
Cisco
Meraki Mx450
All versions

Related CWEs

CWE-693
Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.