Lucene search

K
cve[email protected]CVE-2021-40125
HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-40125

2021-10-2719:15:08
CWE-400
CWE-416
web.nvd.nist.gov
27
cve-2021-40125
cisco
asa
ftd
vulnerability
dos
ikev2
security
nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

6.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

44.2%

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device. A successful exploit could allow the attacker to trigger a reload of the device.

Affected configurations

NVD
Node
ciscofirepower_threat_defenseRange<6.4.0.13
OR
ciscofirepower_threat_defenseRange6.6.06.6.5
OR
ciscofirepower_threat_defenseRange6.7.06.7.0.3
OR
ciscofirepower_threat_defenseRange7.0.07.0.1
OR
ciscoadaptive_security_appliance_softwareRange9.8.09.8.4.40
OR
ciscoadaptive_security_appliance_softwareRange9.9.09.12.4.30
OR
ciscoadaptive_security_appliance_softwareRange9.14.09.14.3.9
OR
ciscoadaptive_security_appliance_softwareRange9.15.09.15.1.17
OR
ciscoadaptive_security_appliance_softwareRange9.16.09.16.2
Node
ciscoasa_5512-x_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5512-xMatch-
Node
ciscoasa_5505_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5505Match-
Node
ciscoasa_5515-x_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5515-xMatch-
Node
ciscoasa_5525-x_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5525-xMatch-
Node
ciscoasa_5545-x_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5545-xMatch-
Node
ciscoasa_5555-x_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5555-xMatch-
Node
ciscoasa_5580_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5580Match-
Node
ciscoasa_5585-x_firmwareMatch009.016\(001.025\)
AND
ciscoasa_5585-xMatch-

CNA Affected

[
  {
    "product": "Cisco Adaptive Security Appliance (ASA) Software ",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.4 Medium

AI Score

Confidence

High

6.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

44.2%

Related for CVE-2021-40125