Lucene search
CiscoCISCO-SA-HTTP-FP-BP-KFDDCQHCHistoryApr 28, 2021 - 4:00 p.m.
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerabilities
2021-04-2816:00:00
tools.cisco.com
66
cisco
products
snort
http
bypass
vulnerabilities
remote attacker
file policy
EPSS
0.001
Percentile
48.0%
Multiple Cisco products are affected by vulnerabilities in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP.
These vulnerabilities are due to incorrect handling of specific HTTP header parameters. An attacker could exploit these vulnerabilities by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc”]
Affected configurations
Node
ciscofirepower_threat_defense_softwareMatch6.2
ORciscofirepower_threat_defense_softwareMatch6.6
ORciscofirepower_threat_defense_softwareMatch6.4
ORciscofirepower_threat_defense_softwareMatch6.7
ORciscofirepower_2100_firmwareMatchany
ORciscofirepower_management_center_1000_firmwareMatchany
ORciscoindustrial_security_appliances_3000_firmwareMatchany
ORciscofirepower_9000_firmwareMatchany
ORciscofirepower_4100_next-generation_firewall_firmwareMatchany
ORciscounified_threat_defenseMatchany
ORciscofirepower_threat_defense_softwareMatchany
ORciscoips_sensor_softwareMatchany
ORciscofirepower_threat_defense_softwareMatch6.2.3
ORciscofirepower_threat_defense_softwareMatch6.2.3.1
ORciscofirepower_threat_defense_softwareMatch6.2.3.2
ORciscofirepower_threat_defense_softwareMatch6.2.3.3
ORciscofirepower_threat_defense_softwareMatch6.2.3.4
ORciscofirepower_threat_defense_softwareMatch6.2.3.5
ORciscofirepower_threat_defense_softwareMatch6.2.3.6
ORciscofirepower_threat_defense_softwareMatch6.2.3.7
ORciscofirepower_threat_defense_softwareMatch6.2.3.8
ORciscofirepower_threat_defense_softwareMatch6.2.3.10
ORciscofirepower_threat_defense_softwareMatch6.2.3.11
ORciscofirepower_threat_defense_softwareMatch6.2.3.9
ORciscofirepower_threat_defense_softwareMatch6.2.3.12
ORciscofirepower_threat_defense_softwareMatch6.2.3.13
ORciscofirepower_threat_defense_softwareMatch6.2.3.14
ORciscofirepower_threat_defense_softwareMatch6.2.3.15
ORciscofirepower_threat_defense_softwareMatch6.2.3.16
ORciscofirepower_threat_defense_softwareMatch6.6.0
ORciscofirepower_threat_defense_softwareMatch6.6.0.1
ORciscofirepower_threat_defense_softwareMatch6.6.1
ORciscofirepower_threat_defense_softwareMatch6.4.0
ORciscofirepower_threat_defense_softwareMatch6.4.0.1
ORciscofirepower_threat_defense_softwareMatch6.4.0.3
ORciscofirepower_threat_defense_softwareMatch6.4.0.2
ORciscofirepower_threat_defense_softwareMatch6.4.0.4
ORciscofirepower_threat_defense_softwareMatch6.4.0.5
ORciscofirepower_threat_defense_softwareMatch6.4.0.6
ORciscofirepower_threat_defense_softwareMatch6.4.0.7
ORciscofirepower_threat_defense_softwareMatch6.4.0.8
ORciscofirepower_threat_defense_softwareMatch6.4.0.9
ORciscofirepower_threat_defense_softwareMatch6.4.0.10
ORciscofirepower_threat_defense_softwareMatch6.4.0.11
ORciscofirepower_threat_defense_softwareMatch6.7.0
ORciscofirepower_threat_defense_softwareMatch6.7.0.1
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatchany
ORciscofirepower_threat_defense_softwareMatchany
ORciscoips_sensor_softwareMatchany
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.1_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.2_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.3_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.4_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.5_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.6_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.7_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.8_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.10_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.11_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.9_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.12_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.13_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.14_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.15_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.2.3.16_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.6.0_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.6.0.1_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.6.1_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.1_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.3_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.2_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.4_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.5_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.6_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.7_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.8_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.9_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.10_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.4.0.11_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.7.0_when_installed_on_cisco_secure_firewall_threat_defense_virtual
ORciscofirepower_threat_defense_softwareMatch2100_series
ORciscofirepower_threat_defense_softwareMatch1000_series
ORciscofirepower_threat_defense_softwareMatch3000_series_industrial_security_appliances_\(isa\)
ORciscofirepower_threat_defense_softwareMatch9000_series
ORciscofirepower_threat_defense_softwareMatch4100_series
ORciscofirepower_threat_defense_softwareMatch6.7.0.1_when_installed_on_cisco_secure_firewall_threat_defense_virtual
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | firepower_threat_defense_software | 6.2 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.2:*:*:*:*:*:*:* |
| cisco | firepower_threat_defense_software | 6.6 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.6:*:*:*:*:*:*:* |
| cisco | firepower_threat_defense_software | 6.4 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.4:*:*:*:*:*:*:* |
| cisco | firepower_threat_defense_software | 6.7 | cpe:2.3:a:cisco:firepower_threat_defense_software:6.7:*:*:*:*:*:*:* |
| cisco | firepower_2100_firmware | any | cpe:2.3:o:cisco:firepower_2100_firmware:any:*:*:*:*:*:*:* |
| cisco | firepower_management_center_1000_firmware | any | cpe:2.3:o:cisco:firepower_management_center_1000_firmware:any:*:*:*:*:*:*:* |
| cisco | industrial_security_appliances_3000_firmware | any | cpe:2.3:o:cisco:industrial_security_appliances_3000_firmware:any:*:*:*:*:*:*:* |
| cisco | firepower_9000_firmware | any | cpe:2.3:o:cisco:firepower_9000_firmware:any:*:*:*:*:*:*:* |
| cisco | firepower_4100_next-generation_firewall_firmware | any | cpe:2.3:o:cisco:firepower_4100_next-generation_firewall_firmware:any:*:*:*:*:*:*:* |
| cisco | unified_threat_defense | any | cpe:2.3:a:cisco:unified_threat_defense:any:*:*:*:*:*:*:* |
Related
nessus
nessus
Cisco Firepower Threat Defence Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)
2021-05-28 00:00:00
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)
2021-05-28 00:00:00
Debian DSA-5354-1 : snort - security update
2023-02-18 00:00:00
prion
prion
Design/Logic Flaw
2021-04-29 18:15:00
cve
cve
CVE-2021-1495
2021-04-29 18:15:09
CVE-2021-1494
2022-02-25 11:31:06
ubuntucve
ubuntucve
CVE-2021-1495
2021-04-29 00:00:00
CVE-2021-1494
2021-12-31 00:00:00
debiancve
debiancve
CVE-2021-1495
2021-04-29 18:15:09
CVE-2021-1494
2022-02-25 11:31:06
veracode
veracode
Authorization Bypass
2023-03-11 00:25:34
File Policy Bypass
2023-03-11 00:24:57
cvelist
cvelist
nvd
nvd
CVE-2021-1495
2021-04-29 18:15:09
osv
osv
snort - security update
2023-02-18 00:00:00
snort - security update
2023-02-11 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5354-1)
2023-02-19 00:00:00
Debian: Security Advisory (DLA-3317-1)
2023-02-11 00:00:00
Mageia: Security Advisory (MGASA-2023-0117)
2023-03-31 00:00:00
mageia
mageia
Updated snort packages fix security vulnerability
2023-03-31 03:13:46
debian
debian
[SECURITY] [DLA 3317-1] snort security update
2023-02-10 23:23:58
[SECURITY] [DSA 5354-1] snort security update
2023-02-18 16:38:22