5.3

CVE-2021-1236

Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network.

Data is provided by the National Vulnerability Database (NVD)
CiscoIos Xe Version < 17.4.1
   Cisco1100-4p Integrated Services Router Version-
   Cisco1100-8p Integrated Services Router Version-
   Cisco1101-4p Integrated Services Router Version-
   Cisco1109-2p Integrated Services Router Version-
   Cisco1109-4p Integrated Services Router Version-
   Cisco1111x-8p Integrated Services Router Version-
   Cisco4221 Integrated Services Router Version-
   Cisco4321 Integrated Services Router Version-
   Cisco4331 Integrated Services Router Version-
   Cisco4351 Integrated Services Router Version-
   Cisco4431 Integrated Services Router Version-
   Cisco4451-x Integrated Services Router Version-
   Cisco4461 Integrated Services Router Version-
   CiscoCsr 1000v Version-
   CiscoIsa 3000 Version-
CiscoFirepower Threat Defense Version < 6.5.0.5
SnortSnort Version < 2.9.14
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.29% 0.523
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
psirt@cisco.com 4 2.2 1.4
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
CWE-670 Always-Incorrect Control Flow Implementation

The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.