Lucene search

[email protected]CVE-2021-40114

HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-40114

2021-10-2719:15:08

CWE-770

CWE-401

[email protected]

web.nvd.nist.gov

cisco

vulnerability

dos

cve-2021-40114

snort

icmp

remote attacker

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.4%

JSON

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

Affected configurations

NVD

Node

ciscofirepower_management_centerMatch2.9.14.0

ciscofirepower_management_centerMatch2.9.15

ciscofirepower_management_centerMatch2.9.16

ciscofirepower_management_centerMatch2.9.17

ciscofirepower_threat_defenseRange<6.4.0.12

ciscofirepower_threat_defenseRange6.5.0–6.6.3

ciscofirepower_threat_defenseRange6.7.0–6.7.0.2

ciscounified_threat_defenseRange16.12–16.12.6

ciscounified_threat_defenseRange17.3–17.3.4a

ciscounified_threat_defenseRange17.4–17.4.2

Node

snortsnortRange2.0.0–2.9.18

CPENameOperatorVersion
cisco:firepower_management_centercisco firepower management centereq2.9.14.0
cisco:firepower_management_centercisco firepower management centereq2.9.15
cisco:firepower_management_centercisco firepower management centereq2.9.16
cisco:firepower_management_centercisco firepower management centereq2.9.17
cisco:firepower_threat_defensecisco firepower threat defenselt6.4.0.12
cisco:firepower_threat_defensecisco firepower threat defenselt6.6.3
cisco:firepower_threat_defensecisco firepower threat defenselt6.7.0.2
cisco:unified_threat_defensecisco unified threat defenselt16.12.6
cisco:unified_threat_defensecisco unified threat defenselt17.3.4a
cisco:unified_threat_defensecisco unified threat defenselt17.4.2

CPE	Name	Operator	Version
cisco:firepower_management_center	cisco firepower management center	eq	2.9.14.0
cisco:firepower_management_center	cisco firepower management center	eq	2.9.15
cisco:firepower_management_center	cisco firepower management center	eq	2.9.16
cisco:firepower_management_center	cisco firepower management center	eq	2.9.17
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.4.0.12
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.6.3
cisco:firepower_threat_defense	cisco firepower threat defense	lt	6.7.0.2
cisco:unified_threat_defense	cisco unified threat defense	lt	16.12.6
cisco:unified_threat_defense	cisco unified threat defense	lt	17.3.4a
cisco:unified_threat_defense	cisco unified threat defense	lt	17.4.2

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Firepower Threat Defense Software ",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]