CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-34754 – Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34754
27 Oct 2021 — Multiple vulnerabilities in the payload inspection for Ethernet Industrial Protocol (ENIP) traffic for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured rules for ENIP traffic. These vulnerabilities are due to incomplete processing during deep packet inspection for ENIP packets. An attacker could exploit these vulnerabilities by sending a crafted ENIP packet to the targeted interface. A successful exploit could allow the attacker to bypass con... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-enip-bypass-eFsxd8KP • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 25EXPL: 0CVE-2021-40125 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv2 Site-to-Site VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-40125
27 Oct 2021 — A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this v... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C • CWE-400: Uncontrolled Resource Consumption CWE-416: Use After Free •
CVSS: 8.6EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1501 – Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software SIP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1501
29 Apr 2021 — A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.The vulnerability is due to a crash that occurs during a hash lookup for a SIP pinhole connection. An attacker could exploit this vulnerability by sending crafted SIP traffic through an affected device. A successful e... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-sipdos-GGwmMerC • CWE-613: Insufficient Session Expiration •
CVSS: 5.8EPSS: 0%CPEs: 26EXPL: 0CVE-2021-1495 – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1495
29 Apr 2021 — Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload. Múltiples... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1493 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1493
29 Apr 2021 — A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a malicious HTTP request. A successful exploit could allow the atta... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2021-1448 – Cisco Firepower Threat Defense Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-1448
29 Apr 2021 — A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device that is running in multi-instance mode. This vulnerability is due to insufficient validation of user-supplied command arguments. An attacker could exploit this vulnerability by submitting crafted input to the affected command. A successful exploit could allow the attacker to execute... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinj-vWY5wqZT • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-1256 – Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability
https://notcve.org/view.php?id=CVE-2021-1256
29 Apr 2021 — A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and... • https://kc.mcafee.com/corporate/index?page=content&id=SB10382 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-552: Files or Directories Accessible to External Parties •
CVSS: 8.6EPSS: 0%CPEs: 17EXPL: 0CVE-2021-1402 – Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1402
29 Apr 2021 — A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 23EXPL: 0CVE-2021-1236 – Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1236
13 Jan 2021 — Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protec... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 5.8EPSS: 0%CPEs: 48EXPL: 0CVE-2021-1224 – Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1224
13 Jan 2021 — Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A succes... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-693: Protection Mechanism Failure •