Lucene search

[email protected]NVD:CVE-2021-34787

HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-34787

2021-10-2719:15:08

CWE-183

CWE-755

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

45.1%

JSON

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts.

Affected configurations

NVD

Node

ciscoadaptive_security_applianceRange<9.8.4.40

ciscofirepower_threat_defenseRange<6.4.0.13

ciscofirepower_threat_defenseRange6.5.0–6.6.5

ciscofirepower_threat_defenseRange6.7.0–6.7.0.3

ciscofirepower_threat_defenseRange7.0.0–7.0.1

ciscoadaptive_security_appliance_softwareRange9.9.0–9.12.4.25

ciscoadaptive_security_appliance_softwareRange9.13.0–9.14.3.1

ciscoadaptive_security_appliance_softwareRange9.15.0–9.15.1.17

ciscoadaptive_security_appliance_softwareRange9.16.0–9.16.1.28

Node

ciscoasa_5512-x_firmwareMatch009.009

ciscoasa_5512-x_firmwareMatch009.012

AND

ciscoasa_5512-xMatch-

Node

ciscoasa_5505_firmwareMatch009.009

ciscoasa_5505_firmwareMatch009.012

AND

ciscoasa_5505Match-

Node

ciscoasa_5515-x_firmwareMatch009.009

ciscoasa_5515-x_firmwareMatch009.012

AND

ciscoasa_5515-xMatch-

Node

ciscoasa_5525-x_firmwareMatch009.009

ciscoasa_5525-x_firmwareMatch009.012

AND

ciscoasa_5525-xMatch-

Node

ciscoasa_5545-x_firmwareMatch009.009

ciscoasa_5545-x_firmwareMatch009.012

AND

ciscoasa_5545-xMatch-

Node

ciscoasa_5555-x_firmwareMatch009.009

ciscoasa_5555-x_firmwareMatch009.012

AND

ciscoasa_5555-xMatch-

Node

ciscoasa_5580_firmwareMatch009.009

ciscoasa_5580_firmwareMatch009.012

AND

ciscoasa_5580Match-

Node

ciscoasa_5585-x_firmwareMatch009.009

ciscoasa_5585-x_firmwareMatch009.012

AND

ciscoasa_5585-xMatch-

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

0.001 Low

EPSS

Percentile

45.1%

JSON

Related for NVD:CVE-2021-34787

nessus2 prion1 cvelist1 cisco1 cve1