5.8
CVE-2021-1224
- EPSS 0.37%
- Published 13.01.2021 22:15:20
- Last modified 26.11.2024 16:09:02
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Firepower Threat Defense Version < 6.7.0
Cisco ≫ Secure Firewall Management Center Version2.9.14.0
Cisco ≫ Secure Firewall Management Center Version2.9.15
Cisco ≫ Secure Firewall Management Center Version2.9.16
Cisco ≫ Secure Firewall Management Center Version2.9.17
Cisco ≫ Secure Firewall Management Center Version2.9.18
Cisco ≫ Secure Firewall Management Center Version3.0.1
Cisco ≫ Ios Xe Version < 17.4.1
Cisco ≫ 1100-4p Integrated Services Router Version-
Cisco ≫ 1100-8p Integrated Services Router Version-
Cisco ≫ 1101-4p Integrated Services Router Version-
Cisco ≫ 1109-2p Integrated Services Router Version-
Cisco ≫ 1109-4p Integrated Services Router Version-
Cisco ≫ 1111x-8p Integrated Services Router Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4321 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4351 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4451-x Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ Csr 1000v Version-
Cisco ≫ Isa 3000 Version-
Cisco ≫ 1100-8p Integrated Services Router Version-
Cisco ≫ 1101-4p Integrated Services Router Version-
Cisco ≫ 1109-2p Integrated Services Router Version-
Cisco ≫ 1109-4p Integrated Services Router Version-
Cisco ≫ 1111x-8p Integrated Services Router Version-
Cisco ≫ 4221 Integrated Services Router Version-
Cisco ≫ 4321 Integrated Services Router Version-
Cisco ≫ 4331 Integrated Services Router Version-
Cisco ≫ 4351 Integrated Services Router Version-
Cisco ≫ 4431 Integrated Services Router Version-
Cisco ≫ 4451-x Integrated Services Router Version-
Cisco ≫ 4461 Integrated Services Router Version-
Cisco ≫ Csr 1000v Version-
Cisco ≫ Isa 3000 Version-
Cisco ≫ Meraki Mx64 Firmware Version-
Cisco ≫ Meraki Mx64w Firmware Version-
Cisco ≫ Meraki Mx67 Firmware Version-
Cisco ≫ Meraki Mx67c Firmware Version-
Cisco ≫ Meraki Mx67w Firmware Version-
Cisco ≫ Meraki Mx68 Firmware Version-
Cisco ≫ Meraki Mx68cw Firmware Version-
Cisco ≫ Meraki Mx68w Firmware Version-
Cisco ≫ Meraki Mx100 Firmware Version-
Cisco ≫ Meraki Mx84 Firmware Version-
Cisco ≫ Meraki Mx250 Firmware Version-
Cisco ≫ Meraki Mx450 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.58 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
| psirt@cisco.com | 5.8 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
|
CWE-693 Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.