Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2021-40114
HistoryOct 27, 2021 - 7:15 p.m.

CVE-2021-40114

2021-10-2719:15:08
Debian Security Bug Tracker
security-tracker.debian.org
15
cisco
snort
icmp

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

74.1%

JSON

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload.

OSVersionArchitecturePackageVersionFilename
Debian999allsnort<= 2.9.15.1-6snort_2.9.15.1-6_all.deb

Related

nessus 4
alpinelinux 1
cvelist 1
cisco 1
nvd 1
ubuntucve 1
veracode 1
cve 1
osv 3
prion 1
openvas 3
mageia 1
debian 2
nessus
nessus
Cisco Firepower Threat Defense Snort Memory Leak DoS (cisco-sa-snort-dos-s2R7W9UU)
2022-06-06 00:00:00
Cisco IOS XE Software Unified Threat Defense DoS (cisco-sa-snort-dos-s2R7W9UU)
2022-06-06 00:00:00
Debian DLA-3317-1 : snort - LTS security update
2023-02-11 00:00:00
alpinelinux
alpinelinux
CVE-2021-40114
2021-10-27 19:15:08
cvelist
cvelist
CVE-2021-40114 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
2021-10-27 18:56:37
cisco
cisco
Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
2021-10-27 16:00:00
nvd
nvd
CVE-2021-40114
2021-10-27 19:15:08
ubuntucve
ubuntucve
CVE-2021-40114
2021-10-27 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-04-10 10:35:00
cve
cve
CVE-2021-40114
2021-10-27 19:15:08
osv
osv
CVE-2021-40114
2021-10-27 19:15:08
snort - security update
2023-02-11 00:00:00
snort - security update
2023-02-18 00:00:00
prion
prion
Design/Logic Flaw
2021-10-27 19:15:00
openvas
openvas
Debian: Security Advisory (DLA-3317-1)
2023-02-11 00:00:00
Debian: Security Advisory (DSA-5354-1)
2023-02-19 00:00:00
Mageia: Security Advisory (MGASA-2023-0117)
2023-03-31 00:00:00
mageia
mageia
Updated snort packages fix security vulnerability
2023-03-31 03:13:46
debian
debian
[SECURITY] [DLA 3317-1] snort security update
2023-02-10 23:23:58
[SECURITY] [DSA 5354-1] snort security update
2023-02-18 16:38:22

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.004

Percentile

74.1%

JSON
Related for DEBIANCVE:CVE-2021-40114
nessus4alpinelinux1cvelist1cisco1nvd1ubuntucve1veracode1cve1osv3prion1openvas3mageia1debian2