CVE-2021-1236 – Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1236
Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protected network. Múltiples productos de Cisco están afectados por una vulnerabilidad en el motor de detección de aplicaciones de Snort que podría permitir a un atacante remoto no autenticado omitir las políticas configuradas en un sistema afectado. • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq https://www.debian.org/security/2023/dsa-5354 • CWE-670: Always-Incorrect Control Flow Implementation •
CVE-2021-1224 – Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1224
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. Múltiples productos de Cisco están afectados por una vulnerabilidad con TCP Fast Open (TFO) cuando se usan en conjunto con el motor de detección Snort que podría permitir a un atacante remoto no autenticado omitir una política de archivos configurada para HTTP. • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes https://www.debian.org/security/2023/dsa-5354 • CWE-693: Protection Mechanism Failure •
CVE-2021-1223 – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1223
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. Múltiples productos de Cisco están afectados por una vulnerabilidad en el motor de detección de Snort que podría permitir a un atacante remoto no autenticado omita una política de archivos configurada para HTTP. • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2 https://www.debian.org/security/2023/dsa-5354 • CWE-693: Protection Mechanism Failure •
CVE-2020-3141 – Cisco IOS XE Software Privilege Escalation Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3141
Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el framework de administración web de Cisco IOS XE Software, podrían permitir a un atacante remoto autenticado con privilegios de solo lectura elevar los privilegios al nivel de un usuario administrador en un dispositivo afectado. Para más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-priv-esc-K8zvEWM • CWE-20: Improper Input Validation •
CVE-2020-3465 – Cisco IOS XE Software Ethernet Frame Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3465
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Una vulnerabilidad en Cisco IOS XE Software, podría permitir a un atacante adyacente no autenticado causar la recarga de un dispositivo. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-le-drTOB625 • CWE-20: Improper Input Validation •