Lucene search

[email protected]CVE-2021-34791

HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-34791

2021-10-2719:15:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2021-34791

cisco

asa

ftd software

nat

alg

vulnerability

security vulnerability

nvd

nat slipstreaming

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5.5 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.8%

JSON

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.

CPENameOperatorVersion
cisco:firepower_threat_defensecisco firepower threat defenselt6.7.0.2
cisco:firepower_threat_defensecisco firepower threat defenselt6.4.0.12
cisco:adaptive_security_appliancecisco adaptive security appliancelt9.8.4.40
cisco:firepower_threat_defensecisco firepower threat defenselt6.6.5
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.12.4.18
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.14.2.15
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.15.1.15
cisco:asa_5512-x_firmwarecisco asa 5512-x firmwareeq009.008
cisco:asa_5512-x_firmwarecisco asa 5512-x firmwareeq009.015
cisco:asa_5505_firmwarecisco asa 5505 firmwareeq009.008

CPE	Name	Operator	Version
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.7.0.2
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.4.0.12
cisco:adaptive_security_appliance	cisco adaptive security appliance	lt	9.8.4.40
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.6.5
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.12.4.18
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.14.2.15
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.15.1.15
cisco:asa_5512-x_firmware	cisco asa 5512-x firmware	eq	009.008
cisco:asa_5512-x_firmware	cisco asa 5512-x firmware	eq	009.015
cisco:asa_5505_firmware	cisco asa 5505 firmware	eq	009.008

Rows per page:

1-10 of 231

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5.5 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.8%

JSON

Related for CVE-2021-34791

prion1 cisco1