Lucene search

[email protected]CVE-2021-34794

HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-34794

2021-10-2719:15:08

CWE-284

[email protected]

web.nvd.nist.gov

cve-2021-34794

cisco

asa

ftd

snmpv3

access control

vulnerability

nvd

security

exploit

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5.2 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.7%

JSON

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.

Affected configurations

NVD

Node

ciscofirepower_threat_defenseRange6.4.0–6.4.0.13

ciscofirepower_threat_defenseRange6.5.0–6.6.5

ciscofirepower_threat_defenseRange6.7.0–6.7.0.1

ciscoadaptive_security_appliance_softwareRange9.14.0–9.14.2.4

ciscoadaptive_security_appliance_softwareRange9.15.0–9.15.1.7

Node

ciscoasa_5512-xMatch-

AND

ciscoasa_5512-x_firmwareMatch009.014\(001\)

ciscoasa_5512-x_firmwareMatch099.015\(001.033\)

ciscoasa_5512-x_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5505Match-

AND

ciscoasa_5505_firmwareMatch009.014\(001\)

ciscoasa_5505_firmwareMatch099.015\(001.033\)

ciscoasa_5505_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5515-xMatch-

AND

ciscoasa_5515-x_firmwareMatch009.014\(001\)

ciscoasa_5515-x_firmwareMatch099.015\(001.033\)

ciscoasa_5515-x_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5525-xMatch-

AND

ciscoasa_5525-x_firmwareMatch009.014\(001\)

ciscoasa_5525-x_firmwareMatch099.015\(001.033\)

ciscoasa_5525-x_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5545-xMatch-

AND

ciscoasa_5545-x_firmwareMatch009.014\(001\)

ciscoasa_5545-x_firmwareMatch099.015\(001.033\)

ciscoasa_5545-x_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5555-xMatch-

AND

ciscoasa_5555-x_firmwareMatch009.014\(001\)

ciscoasa_5555-x_firmwareMatch099.015\(001.033\)

ciscoasa_5555-x_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5580Match-

AND

ciscoasa_5580_firmwareMatch009.014\(001\)

ciscoasa_5580_firmwareMatch099.015\(001.033\)

ciscoasa_5580_firmwareMatch099.016\(001.216\)

Node

ciscoasa_5585-xMatch-

AND

ciscoasa_5585-x_firmwareMatch009.014\(001\)

ciscoasa_5585-x_firmwareMatch099.015\(001.033\)

ciscoasa_5585-x_firmwareMatch099.016\(001.216\)

CPENameOperatorVersion
cisco:firepower_threat_defensecisco firepower threat defenselt6.4.0.13
cisco:firepower_threat_defensecisco firepower threat defenselt6.6.5
cisco:firepower_threat_defensecisco firepower threat defenselt6.7.0.1
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.14.2.4
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarelt9.15.1.7

CPE	Name	Operator	Version
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.4.0.13
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.6.5
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.7.0.1
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.14.2.4
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	lt	9.15.1.7

CNA Affected

[
  {
    "product": "Cisco Adaptive Security Appliance (ASA) Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

5.2 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

45.7%

JSON

Related for CVE-2021-34794

prion1 cisco1 nessus2 nvd1 cvelist1