CVE-2021-34793
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.
Una vulnerabilidad en el Normalizador TCP del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) que funciona en modo transparente podría permitir a un atacante remoto no autenticado envenenar las tablas de direcciones MAC, lo que provocaría una vulnerabilidad de denegación de servicio (DoS). Esta vulnerabilidad es debido al manejo incorrecto de determinados segmentos TCP cuando el dispositivo afectado está operando en modo transparente. Un atacante podría explotar esta vulnerabilidad mediante el envío de un segmento TCP diseñado mediante un dispositivo afectado. Una explotación con éxito podría permitir al atacante envenenar las tablas de direcciones MAC en los dispositivos adyacentes, resultando en una interrupción de la red
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2021-06-15 CVE Reserved
- 2021-10-27 CVE Published
- 2024-07-12 EPSS Updated
- 2024-11-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Asa 5512-x Firmware Search vendor "Cisco" for product "Asa 5512-x Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5512-x Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5512-x Search vendor "Cisco" for product "Asa 5512-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5505 Firmware Search vendor "Cisco" for product "Asa 5505 Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5505 Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5505 Search vendor "Cisco" for product "Asa 5505" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5515-x Firmware Search vendor "Cisco" for product "Asa 5515-x Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5515-x Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5515-x Search vendor "Cisco" for product "Asa 5515-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5525-x Firmware Search vendor "Cisco" for product "Asa 5525-x Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5525-x Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5525-x Search vendor "Cisco" for product "Asa 5525-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5545-x Firmware Search vendor "Cisco" for product "Asa 5545-x Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5545-x Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5545-x Search vendor "Cisco" for product "Asa 5545-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5555-x Firmware Search vendor "Cisco" for product "Asa 5555-x Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5555-x Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5555-x Search vendor "Cisco" for product "Asa 5555-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5580 Firmware Search vendor "Cisco" for product "Asa 5580 Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5580 Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5580 Search vendor "Cisco" for product "Asa 5580" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Asa 5585-x Firmware Search vendor "Cisco" for product "Asa 5585-x Firmware" | 009.008\(004.025\) Search vendor "Cisco" for product "Asa 5585-x Firmware" and version "009.008\(004.025\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asa 5585-x Search vendor "Cisco" for product "Asa 5585-x" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Search vendor "Cisco" for product "Adaptive Security Appliance" | < 9.8.4.40 Search vendor "Cisco" for product "Adaptive Security Appliance" and version " < 9.8.4.40" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | < 6.4.0.13 Search vendor "Cisco" for product "Firepower Threat Defense" and version " < 6.4.0.13" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.5.0 < 6.6.5 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.5.0 < 6.6.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Firepower Threat Defense Search vendor "Cisco" for product "Firepower Threat Defense" | >= 6.7.0 < 6.7.0.3 Search vendor "Cisco" for product "Firepower Threat Defense" and version " >= 6.7.0 < 6.7.0.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.9.0 < 9.12.4.29 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.9.0 < 9.12.4.29" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.13.0 < 9.14.3.9 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.13.0 < 9.14.3.9" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.15.0 < 9.15.1.17 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.15.0 < 9.15.1.17" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Adaptive Security Appliance Software Search vendor "Cisco" for product "Adaptive Security Appliance Software" | >= 9.16.0 < 9.16.2.3 Search vendor "Cisco" for product "Adaptive Security Appliance Software" and version " >= 9.16.0 < 9.16.2.3" | - |
Affected
| ||||||