cve-2021-1402
Vulnerability from cvelistv5
Published
2021-04-29 17:15
Modified
2024-11-08 23:25
Severity ?
EPSS score ?
Summary
Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Cisco | Cisco Firepower Threat Defense Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:16.984Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210428 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1402", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:02:25.729317Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:25:17.062Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco Firepower Threat Defense Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-04-28T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-29T17:15:17", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210428 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c" } ], "source": { "advisory": "cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c", "defect": [ [ "CSCvo46649" ] ], "discovery": "INTERNAL" }, "title": "Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-04-28T16:00:00", "ID": "CVE-2021-1402", "STATE": "PUBLIC", "TITLE": "Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco Firepower Threat Defense Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "20210428 Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c" } ] }, "source": { "advisory": "cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c", "defect": [ [ "CSCvo46649" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1402", "datePublished": "2021-04-29T17:15:17.610491Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:25:17.062Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-1402\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2021-04-29T18:15:08.923\",\"lastModified\":\"2022-08-05T16:17:05.070\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el controlador de mensajes SSL/TLS basado en software del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado activar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los mensajes SSL/TLS cuando el dispositivo lleva a cabo el descifrado SSL basado en software.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje SSL/TLS dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Los mensajes SSL/TLS enviados a un dispositivo afectado no desencadenan esta vulnerabilidad.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el bloqueo de un proceso.\u0026#xa0;Este bloqueo podr\u00eda entonces desencadenar una recarga del dispositivo.\u0026#xa0;No es necesaria una intervenci\u00f3n manual para recuperar el dispositivo despu\u00e9s de la recarga\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV30\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.8},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3.0\",\"versionEndExcluding\":\"6.4.0\",\"matchCriteriaId\":\"0B60D48C-19D8-4015-8D25-D3C0165C6080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.5.0\",\"versionEndExcluding\":\"6.6.0\",\"matchCriteriaId\":\"B5432C87-A9AF-4CC8-8573-443562963519\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:cisco:firepower_threat_defense_virtual:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38E373E-438F-44F6-AABF-2C57142507EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08F0F160-DAD2-48D4-B7B2-4818B2526F35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"977D597B-F6DE-4438-AB02-06BE64D71EBE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB71EB29-0115-4307-A9F7-262394FD9FB0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57179F60-E330-4FF0-9664-B1E4637FF210\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5535C936-391B-4619-AA03-B35265FC15D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFE3880-4B85-4E23-9836-70875D5109F7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"727A02E8-40A1-4DFE-A3A2-91D628D3044F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19F6546E-28F4-40DC-97D6-E0E023FE939B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52D96810-5F79-4A83-B8CA-D015790FCF72\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16FE2945-4975-4003-AE48-7E134E167A7F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"976901BF-C52C-4F81-956A-711AF8A60140\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9510E97A-FD78-43C6-85BC-223001ACA264\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ssl-decrypt-dos-DdyLuK6c\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.