Lucene search

K
cveCiscoCVE-2021-1224
HistoryJan 13, 2021 - 10:15 p.m.

CVE-2021-1224

2021-01-1322:15:20
CWE-693
cisco
web.nvd.nist.gov
64
3
cisco
tcp fast open
tfo
snort
http
vulnerability
bypass
file policy

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

57.2%

Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Affected configurations

Nvd
Node
ciscofirepower_management_centerMatch2.9.14.0
OR
ciscofirepower_management_centerMatch2.9.15
OR
ciscofirepower_management_centerMatch2.9.16
OR
ciscofirepower_management_centerMatch2.9.17
OR
ciscofirepower_management_centerMatch2.9.18
OR
ciscofirepower_management_centerMatch3.0.1
OR
ciscofirepower_threat_defenseRange<6.7.0
Node
ciscoios_xeRange<17.4.1
AND
cisco1100-4p_integrated_services_routerMatch-
OR
cisco1100-8p_integrated_services_routerMatch-
OR
cisco1101-4p_integrated_services_routerMatch-
OR
cisco1109-2p_integrated_services_routerMatch-
OR
cisco1109-4p_integrated_services_routerMatch-
OR
cisco1111x-8p_integrated_services_routerMatch-
OR
cisco4221_integrated_services_routerMatch-
OR
cisco4321_integrated_services_routerMatch-
OR
cisco4331_integrated_services_routerMatch-
OR
cisco4351_integrated_services_routerMatch-
OR
cisco4431_integrated_services_routerMatch-
OR
cisco4451-x_integrated_services_routerMatch-
OR
cisco4461_integrated_services_routerMatch-
OR
ciscocsr_1000vMatch-
OR
ciscoisa_3000Match-
Node
snortsnortRange<2.9.17
Node
ciscomeraki_mx64_firmwareMatch-
AND
ciscomeraki_mx64Match-
Node
ciscomeraki_mx64w_firmwareMatch-
AND
ciscomeraki_mx64wMatch-
Node
ciscomeraki_mx67_firmwareMatch-
AND
ciscomeraki_mx67Match-
Node
ciscomeraki_mx67c_firmwareMatch-
AND
ciscomeraki_mx67cMatch-
Node
ciscomeraki_mx67w_firmwareMatch-
AND
ciscomeraki_mx67wMatch-
Node
ciscomeraki_mx68_firmwareMatch-
AND
ciscomeraki_mx68Match-
Node
ciscomeraki_mx68cw_firmwareMatch-
AND
ciscomeraki_mx68cwMatch-
Node
ciscomeraki_mx68wMatch-
AND
ciscomeraki_mx68w_firmwareMatch-
Node
ciscomeraki_mx100Match-
AND
ciscomeraki_mx100_firmwareMatch-
Node
ciscomeraki_mx84Match-
AND
ciscomeraki_mx84_firmwareMatch-
Node
ciscomeraki_mx250Match-
AND
ciscomeraki_mx250_firmwareMatch-
Node
ciscomeraki_mx450Match-
AND
ciscomeraki_mx450_firmwareMatch-
VendorProductVersionCPE
ciscofirepower_management_center2.9.14.0cpe:2.3:a:cisco:firepower_management_center:2.9.14.0:*:*:*:*:*:*:*
ciscofirepower_management_center2.9.15cpe:2.3:a:cisco:firepower_management_center:2.9.15:*:*:*:*:*:*:*
ciscofirepower_management_center2.9.16cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:*
ciscofirepower_management_center2.9.17cpe:2.3:a:cisco:firepower_management_center:2.9.17:*:*:*:*:*:*:*
ciscofirepower_management_center2.9.18cpe:2.3:a:cisco:firepower_management_center:2.9.18:*:*:*:*:*:*:*
ciscofirepower_management_center3.0.1cpe:2.3:a:cisco:firepower_management_center:3.0.1:*:*:*:*:*:*:*
ciscofirepower_threat_defense*cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
ciscoios_xe*cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
cisco1100-4p_integrated_services_router-cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*
cisco1100-8p_integrated_services_router-cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 481

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

Social References

More

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

57.2%