CVE-2021-40116 – Multiple Cisco Products Snort Rule Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-40116
Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM • CWE-241: Improper Handling of Unexpected Data Type •
CVE-2021-40114 – Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-40114
Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload. Múltiples productos de Cisco están afectados por una vulnerabilidad en la forma en que el motor de detección Snort procesa el tráfico ICMP que podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU https://www.debian.org/security/2023/dsa-5354 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-34793 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34793
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption. Una vulnerabilidad en el Normalizador TCP del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) que funciona en modo transparente podría permitir a un atacante remoto no autenticado envenenar las tablas de direcciones MAC, lo que provocaría una vulnerabilidad de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL • CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel •
CVE-2021-34792 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34792
A vulnerability in the memory management of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management when connection rates are high. An attacker could exploit this vulnerability by opening a significant number of connections on an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en la administración de la memoria del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-34791 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34791
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming. Varias vulnerabilidades en la Puerta de Enlace de Nivel de Aplicación (ALG) para la funcionalidad Network Address Translation (NAT) del software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD) podrían permitir a un atacante remoto no autenticado omitir la ALG y abrir conexiones no autorizadas con un host situado detrás de la ALG. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng • CWE-20: Improper Input Validation CWE-358: Improperly Implemented Security Check for Standard •