← Back

CVE-2021-1236

nvd nist
Published: Jan 13, 2021Modified: Nov 26, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

Affected (8)

Cisco
3 products
Ios Xe
Firepower Threat Defense
Secure Firewall Management Center
Snort
1 product
Snort
Configuration A
1 vulnerable · 15 platform
Vulnerable SoftwareAffected Versions
Ios Xe
Before 17.4.1
Running on/withPlatform Versions
Cisco
1100 4p Integrated Services Router
All versions
Cisco
1100 8p Integrated Services Router
All versions
Cisco
1101 4p Integrated Services Router
All versions
Cisco
1109 2p Integrated Services Router
All versions
Cisco
1109 4p Integrated Services Router
All versions
Cisco
1111x 8p Integrated Services Router
All versions
Cisco
4221 Integrated Services Router
All versions
Cisco
4321 Integrated Services Router
All versions
Cisco
4331 Integrated Services Router
All versions
Cisco
4351 Integrated Services Router
All versions
Cisco
4431 Integrated Services Router
All versions
Cisco
4451 X Integrated Services Router
All versions
Cisco
4461 Integrated Services Router
All versions
Cisco
Csr 1000v
All versions
Cisco
Isa 3000
All versions
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Firepower Threat Defense
Before 6.5.0.5
Cisco
Secure Firewall Management Center
Version 2.9.14.0
Secure Firewall Management Center
Version 2.9.14.14
Secure Firewall Management Center
Version 2.9.15
Secure Firewall Management Center
Version 2.9.16
Secure Firewall Management Center
Version 2.9.17
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Snort
Before 2.9.14

Related CWEs

CWE-670
Always-Incorrect Control Flow Implementation
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.