CVE-2021-1422
Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.
Una vulnerabilidad en el módulo de criptografía de software de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podría permitir a un atacante remoto autenticado o a un atacante no autenticado en una posición de tipo man-in-the-middle causar una recarga inesperada del dispositivo que resulta en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a un error lógico en como el módulo de criptografía del software maneja tipos específicos de errores de descifrado. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes maliciosos a través de una conexión IPsec establecida. Una explotación con éxito podría causar el bloqueo del dispositivo, obligándolo a recargarse. Importante: Una explotación con éxito de esta vulnerabilidad no causaría un compromiso de ningún dato encriptado. Nota: Esta vulnerabilidad sólo afecta la versión 9.16.1 del software Cisco ASA y la versión 7.0.0 del software Cisco FTD
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2020-11-13 CVE Reserved
- 2021-07-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-11-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-617: Reachable Assertion
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Adaptive Security Virtual Appliance Search vendor "Cisco" for product "Adaptive Security Virtual Appliance" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2100 Search vendor "Cisco" for product "Firepower 2100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | 9.16.1 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version "9.16.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ftd Virtual Search vendor "Cisco" for product "Ftd Virtual" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Adaptive Security Virtual Appliance Search vendor "Cisco" for product "Adaptive Security Virtual Appliance" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2100 Search vendor "Cisco" for product "Firepower 2100" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2110 Search vendor "Cisco" for product "Firepower 2110" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2120 Search vendor "Cisco" for product "Firepower 2120" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2130 Search vendor "Cisco" for product "Firepower 2130" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Firepower 2140 Search vendor "Cisco" for product "Firepower 2140" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | 7.0.0.0 Search vendor "Cisco" for product "Firepower Threat Defense" and version "7.0.0.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Ftd Virtual Search vendor "Cisco" for product "Ftd Virtual" | - | - |
Safe
|