Lucene search
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO-SA-MEMC-DOS-FNCTYYKG-FTD.NASLHistoryMay 06, 2021 - 12:00 a.m.
Cisco Firepower Threat Defense Software Web Services Buffer Overflow DoS (cisco-sa-memc-dos-fncTyYKG)
2021-05-0600:00:00
This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
cisco
firepower threat defense
web services
denial of service
security patch
vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:P/I:N/A:C
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H
EPSS
0.001
Percentile
41.8%
According to its self-reported version, Cisco FTD Software is affected by a vulnerability due to insufficient boundary checks. An authenticated, remote attacker can exploit this, by sending a crafted HTTP request to the web services interface, in order to cause a denial of service (DoS) condition.
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#TRUSTED 622732044f8edefacc18ba1273e9b2e263fe76005e3e6cfcbf4ce9e800f3cdee7feed4bfea6a532caa68bad959d63344b962e89a38e0f0cd3ac82366a79a21b520094f2be522e60b9c530f53d1642a3155f1d8a56e41b485ee4216c7792762d9b8bb151eea9ae24ebe6ae0c86e6bd009c9a0a2ab7c771b1f517355efb4ac513354384401260a4558484d919391dca16524ce3d14f0530df17df71e3313b0fa080f46bfcd9ef20dd708b6c1494e39f2ba46341e1f613e206d8277c9cf8cfe901908aa003531a897d76eea05a97a5d4adfa0fef3ddcf6d3e505243ab52807f35219aa53d00d455e654f2f911ca1ce4ec4bd70239de3d7e170d8c7c5128e1f6cb0b4c8dd73d1a5022cd41eb2b87dba5fee83c778956d6fc8586d0e9246e8c0653cd344a8e2204fec0c912491c0cc62d085b60bd1ade3b0958b9b95f089bd8194b4fe028ce936d6cf9173acd0e142d87644b29c010b9fce2c324887ef4397924ac90c51f9e9e2d76c68e47f5e68b3a8fbb139e990cb44c5ce9ffd8186e42a0b613a31b2893e6911f97befed2e23efa724754eb8710c76d976171717ebbb3b643a36f00a68ffaa7a29a61d1923fea890034826462e20890f2a55eaa42aad98927c7e2faaa7c0261f6098411926fdcccffb6372c291d5a90daa0228562e5fde6bbe96e8034bc7e22e668364179113f16e7fc0a46355e57b07ed7e79a48a5773fa76d20
#TRUST-RSA-SHA256 2e0270b44d1acca8fdcde6d07c157563f07a1a07a80f7892905b94af6774f6a9fe59ca572924939ad738375cb41ba42c0dc2b3200a0554f3e277244177aa17c95f68ae16d0c529cd9084ac7c8dd42b651f47afdfc6f24fae9b92608784292e59e67c71abfaaa045f64cbb40677bcf77511dfeea42ee03e289a65a8bc5b698bb831788addc0f4508715719d5bc061fa319b7d9a9a23bd0efcd1b71ec998e07d7e68f426ac6525e44c8ecd00ced8dd390569374355ecfb9325a5de66c7f0401c3b50b3157b25d747d3cb005dc4cae76f96e81d61ff5700bbb487c555c64068f51228f1e49c6728a9eafe5f4bf84ceb8a70ba90e3316e84954e7ff7827ba4338eb9c4f7d893242830fcbbba09241860e72439a7714c5b4f4f0e3575cd44b938fc5f7e36e52eb26b22d8e43d1326425c0da99b353f538734614cc28afc41979f37916011af481c6a22f8862e01e4cdea39a02623aca62cd470ab73171c01c20407eb8f3ce772eb39ae229ce6c18077da49fb68352d93b2fe09e3226e3842187d62eebcc9c703ae2e4ddc574582e1b6433c9f391e554f4fb09ddbd5fa1dc510ee9323e8785ef944fcc04b2eb6baaf69a39e7794db44ab948cf3d65bee687f74ae984b26586654c9c06dfe3e89c7004ef11f36582260c250399755e55cf6a1a8a6b8e1d5c06cd2cd67dfd2b7a1305aba1b18975c31b85efc7f52dc9b83b11b5b3dffdd
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable Network Security, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(149300);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/31");
script_cve_id("CVE-2021-1493");
script_xref(name:"IAVA", value:"2021-A-0205-S");
script_xref(name:"CISCO-BUG-ID", value:"CSCvw52609");
script_xref(name:"CISCO-SA", value:"cisco-sa-memc-dos-fncTyYKG");
script_name(english:"Cisco Firepower Threat Defense Software Web Services Buffer Overflow DoS (cisco-sa-memc-dos-fncTyYKG)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco FTD Software is affected by a vulnerability due to insufficient
boundary checks. An authenticated, remote attacker can exploit this, by sending a crafted HTTP request to the web
services interface, in order to cause a denial of service (DoS) condition.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-memc-dos-fncTyYKG
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b4d5076e");
script_set_attribute(attribute:"see_also", value:"http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74594");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw52609");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvw52609");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-1493");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(120);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/28");
script_set_attribute(attribute:"patch_publication_date", value:"2021/04/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/05/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:firepower_threat_defense");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_enumerate_firepower.nbin");
script_require_keys("installed_sw/Cisco Firepower Threat Defense");
exit(0);
}
include('ccf.inc');
include('cisco_workarounds.inc');
var product_info = cisco::get_product_info(name:'Cisco Firepower Threat Defense');
var vuln_ranges = [
{'min_ver': '0.0', 'fix_ver': '6.4.0.12'},
{'min_ver': '6.5.0', 'fix_ver': '6.6.3'},
{'min_ver': '6.7.0', 'fix_ver': '6.7.0.1'}
];
var is_ftd_cli = get_kb_item("Host/Cisco/Firepower/is_ftd_cli");
var workarounds, extra, cmds;
if (!is_ftd_cli)
{
if (report_paranoia < 2)
audit(AUDIT_PARANOID);
else
{
workarounds = make_list();
extra = 'Note that Nessus was unable to check for workarounds';
}
}
else
{
workarounds = make_list(
CISCO_WORKAROUNDS['anyconnect_client_services'],
CISCO_WORKAROUNDS['ssl_vpn']
);
cmds = make_list('show running-config');
}
var reporting = make_array(
'port' , 0,
'severity' , SECURITY_HOLE,
'version' , product_info['version'],
'bug_id' , 'CSCvw52609',
'extra' , extra
);
if (max_index(cmds) > 0)
reporting['cmds'] = cmds;
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
reporting:reporting,
vuln_ranges:vuln_ranges
);
Related
cisco
cisco
prion
prion
Buffer overflow
2021-04-29 18:15:00
nessus
nessus
cve
cve
CVE-2021-1493
2021-04-29 18:15:09
nvd
nvd
CVE-2021-1493
2021-04-29 18:15:09
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:P/I:N/A:C
CVSS3
8.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H
EPSS
0.001
Percentile
41.8%
Related for CISCO-SA-MEMC-DOS-FNCTYYKG-FTD.NASL