8.6
CVE-2021-34793
- EPSS 0.08%
- Published 27.10.2021 19:15:08
- Last modified 21.11.2024 06:11:13
- Source psirt@cisco.com
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.
Data provided by the National Vulnerability Database (NVD)
Cisco ≫ Adaptive Security Appliance Version < 9.8.4.40
Cisco ≫ Firepower Threat Defense Version < 6.4.0.13
Cisco ≫ Firepower Threat Defense Version >= 6.5.0 < 6.6.5
Cisco ≫ Firepower Threat Defense Version >= 6.7.0 < 6.7.0.3
Cisco ≫ Adaptive Security Appliance Software Version >= 9.9.0 < 9.12.4.29
Cisco ≫ Adaptive Security Appliance Software Version >= 9.13.0 < 9.14.3.9
Cisco ≫ Adaptive Security Appliance Software Version >= 9.15.0 < 9.15.1.17
Cisco ≫ Adaptive Security Appliance Software Version >= 9.16.0 < 9.16.2.3
Cisco ≫ Asa 5512-x Firmware Version 009.008(004.025)
Cisco ≫ Asa 5505 Firmware Version 009.008(004.025)
Cisco ≫ Asa 5515-x Firmware Version 009.008(004.025)
Cisco ≫ Asa 5525-x Firmware Version 009.008(004.025)
Cisco ≫ Asa 5545-x Firmware Version 009.008(004.025)
Cisco ≫ Asa 5555-x Firmware Version 009.008(004.025)
Cisco ≫ Asa 5580 Firmware Version 009.008(004.025)
Cisco ≫ Asa 5585-x Firmware Version 009.008(004.025)
No CISA KEV or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.08% | 0.242 |
Source | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 8.6 | 3.9 | 4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
nvd@nist.gov | 5 | 10 | 2.9 | AV:N/AC:L/Au:N/C:N/I:N/A:P |
psirt@cisco.com | 8.6 | 3.9 | 4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H |
CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel
The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.