CVE-2021-1223

EPSS 0.42%
Published 13.01.2021 22:15:20
Last modified 26.11.2024 16:09:02
Source psirt@cisco.com
Teams watchlist Login
Open Login

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Affected products Warnungen 0 Metrics 4 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Firepower Threat Defense Version < 6.7.0

Cisco ≫ Secure Firewall Management Center Version2.9.14.0

Cisco ≫ Secure Firewall Management Center Version2.9.15

Cisco ≫ Secure Firewall Management Center Version2.9.16

Cisco ≫ Ios Xe Version < 17.4.1

Snort ≫ Snort Version < 2.9.17

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.42%	0.615

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
psirt@cisco.com	5.8	3.9	1.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html

https://www.debian.org/security/2023/dsa-5354

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-1223

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-1223

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-1223

EUVD