← Back

CVE-2021-34791

nvd nist
Published: Oct 27, 2021Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

Affected (23)

Cisco
11 products
Adaptive Security Appliance
Adaptive Security Appliance Software
Firepower Threat Defense
Asa 5512 X Firmware
Asa 5505 Firmware
Asa 5515 X Firmware
Asa 5525 X Firmware
Asa 5545 X Firmware
Asa 5555 X Firmware
Asa 5580 Firmware
Asa 5585 X Firmware
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Adaptive Security Appliance
Before 9.8.4.40
Cisco
Adaptive Security Appliance Software
From 9.12.0 to 9.12.4.18
Adaptive Security Appliance Software
From 9.13.0 to 9.14.2.15
Adaptive Security Appliance Software
From 9.15.0 to 9.15.1.15
Cisco
Firepower Threat Defense
Before 6.4.0.12
Firepower Threat Defense
From 6.5.0 to 6.6.5
Firepower Threat Defense
From 6.7.0 to 6.7.0.2
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5512 X Firmware
Version 009.008
Asa 5512 X Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5512 X
All versions
Configuration C
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5505 Firmware
Version 009.008
Asa 5505 Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5505
All versions
Configuration D
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5515 X Firmware
Version 009.008
Asa 5515 X Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5515 X
All versions
Configuration E
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5525 X Firmware
Version 009.008
Asa 5525 X Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5525 X
All versions
Configuration F
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5545 X Firmware
Version 009.008
Asa 5545 X Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5545 X
All versions
Configuration G
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5555 X Firmware
Version 009.008
Asa 5555 X Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5555 X
All versions
Configuration H
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5580 Firmware
Version 009.008
Asa 5580 Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5580
All versions
Configuration I
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Cisco
Asa 5585 X Firmware
Version 009.008
Asa 5585 X Firmware
Version 009.015
Running on/withPlatform Versions
Cisco
Asa 5585 X
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-358
Improperly Implemented Security Check for Standard
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.