var-202101-0782
Vulnerability from variot
Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. plural Cisco The product contains a privilege management vulnerability.Information may be tampered with. Cisco 3000 Series Industrial Security Appliances, etc. are all products of Cisco (Cisco). Cisco 3000 Series Industrial Security Appliances are 3000 Series Industrial Security Appliances. Cisco 4000 Series Integrated Services Routers (ISRS) are 4000 Series enterprise-class multiservice routers. Cisco Cloud Services Router 1000V Series is a 1000v series cloud service routing software. A security vulnerability exists in several Cisco products. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5354-1 security@debian.org https://www.debian.org/security/ Markus Koschany February 18, 2023 https://www.debian.org/security/faq
Package : snort CVE ID : CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1236 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114 Debian Bug : 1021276
Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or bypass filtering technology on an affected device and ex-filtrate data from a compromised host.
For the stable distribution (bullseye), these problems have been fixed in version 2.9.20-0+deb11u1.
We recommend that you upgrade your snort packages.
For the detailed security status of snort please refer to its security tracker page at: https://security-tracker.debian.org/tracker/snort
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPw/Y5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQRrA/9EQ9kF1LT2fYUGFMyKeCQQFTB8tfIsyz2VUrGUtWlVDKsDVqfEMWa6Zwx rAaFnAPOBi1KNX1laencuphuiDIxLmvA0ShpHKo/R3vY4WXmNwJMjPWNr82oTw8j CEggyfj9i5V1EwZZi0B3L4WP1pCQcJRN6XVB3FJWZScyQFtRH0xO7l9acIV68lTs 9hGDDe2wn5ufHh0sXskZitgYoXfdHjjl3CzFxrmGGDq9KFr8rDIEUnZrm58DCRNL RkDmvxrEEsXGmzQlhT/2ea88aIXgNM4xnDztr3iV1v8JOMb6BwehrH43NgdDb5V8 6xBcHuXOLNI75mca1TQxwUd8PSNo3YK60IbDC2ztcUIIvl1xk8bDFyABb3gKvGoR izKFYej4hNeZb+0HWHsnO9vvP4t6LkKF/iIGNNVNmA9ZJA94ESCfItSozIITqRE2 sJQ43X9uQhX2p/dfeyNoOJDhie0RyZyg0rPxIDNonP1YJ8kTjMMHnRNqGn9MkVYK bNr1/sdLhH0TXvs5XoL9b9YjUPL67hDHL9bHLByOKNSxXrth+TcqFX+eg7Bztn1A vS4Sc2TWCuBa3jdrS9WJiy58aB1sTABRhN+tY4wVs+A9vIr1dKHn4wsB8axmpYDW cyzVbz9Q+fC+gXwDusZccBqfD7rByEFWXflBFI4PDXRrW+NPy8w\xdb5k -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202101-0782", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "meraki mx67c", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "firepower management center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.9.16" }, { "model": "meraki mx450", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "meraki mx67", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "firepower management center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.9.15" }, { "model": "firepower management center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.9.17" }, { "model": "meraki mx68", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "meraki mx64", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "meraki mx68cw", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "snort", "scope": "lt", "trust": 1.0, "vendor": "snort", "version": "2.9.17" }, { "model": "meraki mx64w", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "firepower management center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.1" }, { "model": "meraki mx68w", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "meraki mx84", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "ios xe", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "17.4.1" }, { "model": "firepower management center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.9.14.0" }, { "model": "firepower threat defense", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "6.7.0" }, { "model": "meraki mx250", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "firepower management center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.9.18" }, { "model": "meraki mx67w", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "meraki mx100", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": null }, { "model": "cisco-meraki mx68cw", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco-meraki mx67w", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "snort", "scope": null, "trust": 0.8, "vendor": "snort", "version": null }, { "model": "cisco ios xe", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco-meraki mx67", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco firepower threat defense \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco-meraki mx68", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco firepower management center", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco-meraki mx64", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco-meraki mx64w", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco-meraki mx67c", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "NVD", "id": "CVE-2021-1224" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:2.9.14.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:2.9.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:2.9.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:2.9.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:firepower_management_center:3.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.4.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "2.9.17", "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx64w_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx64w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx67w_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx67w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68cw_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68cw:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx68w_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx68w:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx100_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx100:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx84_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx84:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx250_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx250:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:cisco:meraki_mx450_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:cisco:meraki_mx450:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2021-1224" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Debian", "sources": [ { "db": "PACKETSTORM", "id": "171060" } ], "trust": 0.1 }, "cve": "CVE-2021-1224", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-1224", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-374278", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "ykramarz@cisco.com", "availabilityImpact": "NONE", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.3, "baseSeverity": "Medium", "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2021-1224", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2021-1224", "trust": 1.8, "value": "MEDIUM" }, { "author": "ykramarz@cisco.com", "id": "CVE-2021-1224", "trust": 1.0, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-202101-965", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-374278", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2021-1224", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-374278" }, { "db": "VULMON", "id": "CVE-2021-1224" }, { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "NVD", "id": "CVE-2021-1224" }, { "db": "NVD", "id": "CVE-2021-1224" }, { "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. plural Cisco The product contains a privilege management vulnerability.Information may be tampered with. Cisco 3000 Series Industrial Security Appliances, etc. are all products of Cisco (Cisco). Cisco 3000 Series Industrial Security Appliances are 3000 Series Industrial Security Appliances. Cisco 4000 Series Integrated Services Routers (ISRS) are 4000 Series enterprise-class multiservice routers. Cisco Cloud Services Router 1000V Series is a 1000v series cloud service routing software. A security vulnerability exists in several Cisco products. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5354-1 security@debian.org\nhttps://www.debian.org/security/ Markus Koschany\nFebruary 18, 2023 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : snort\nCVE ID : CVE-2020-3299 CVE-2020-3315 CVE-2021-1223 CVE-2021-1224\n CVE-2021-1236 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749\n CVE-2021-40114\nDebian Bug : 1021276\n\nMultiple security vulnerabilities were discovered in snort, a flexible Network\nIntrusion Detection System, which could allow an unauthenticated, remote\nattacker to cause a denial of service (DoS) condition or bypass filtering\ntechnology on an affected device and ex-filtrate data from a compromised host. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.9.20-0+deb11u1. \n\nWe recommend that you upgrade your snort packages. \n\nFor the detailed security status of snort please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/snort\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPw/Y5fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeQRrA/9EQ9kF1LT2fYUGFMyKeCQQFTB8tfIsyz2VUrGUtWlVDKsDVqfEMWa6Zwx\nrAaFnAPOBi1KNX1laencuphuiDIxLmvA0ShpHKo/R3vY4WXmNwJMjPWNr82oTw8j\nCEggyfj9i5V1EwZZi0B3L4WP1pCQcJRN6XVB3FJWZScyQFtRH0xO7l9acIV68lTs\n9hGDDe2wn5ufHh0sXskZitgYoXfdHjjl3CzFxrmGGDq9KFr8rDIEUnZrm58DCRNL\nRkDmvxrEEsXGmzQlhT/2ea88aIXgNM4xnDztr3iV1v8JOMb6BwehrH43NgdDb5V8\n6xBcHuXOLNI75mca1TQxwUd8PSNo3YK60IbDC2ztcUIIvl1xk8bDFyABb3gKvGoR\nizKFYej4hNeZb+0HWHsnO9vvP4t6LkKF/iIGNNVNmA9ZJA94ESCfItSozIITqRE2\nsJQ43X9uQhX2p/dfeyNoOJDhie0RyZyg0rPxIDNonP1YJ8kTjMMHnRNqGn9MkVYK\nbNr1/sdLhH0TXvs5XoL9b9YjUPL67hDHL9bHLByOKNSxXrth+TcqFX+eg7Bztn1A\nvS4Sc2TWCuBa3jdrS9WJiy58aB1sTABRhN+tY4wVs+A9vIr1dKHn4wsB8axmpYDW\ncyzVbz9Q+fC+gXwDusZccBqfD7rByEFWXflBFI4PDXRrW+NPy8w\\xdb5k\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2021-1224" }, { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "VULHUB", "id": "VHN-374278" }, { "db": "VULMON", "id": "CVE-2021-1224" }, { "db": "PACKETSTORM", "id": "171060" } ], "trust": 1.89 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2021-1224", "trust": 2.7 }, { "db": "JVNDB", "id": "JVNDB-2021-002550", "trust": 0.8 }, { "db": "AUSCERT", "id": "ESB-2021.0138", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.1047", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2023.0833", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-202101-965", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "171060", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-374278", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2021-1224", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-374278" }, { "db": "VULMON", "id": "CVE-2021-1224" }, { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "PACKETSTORM", "id": "171060" }, { "db": "NVD", "id": "CVE-2021-1224" }, { "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "id": "VAR-202101-0782", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-374278" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T11:25:01.402000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Top\u00a0Page Cisco Systems Cisco\u00a0Security\u00a0Advisory", "trust": 0.8, "url": "https://www.snort.org/" }, { "title": "Cisco Various product security vulnerabilities", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=139223" }, { "title": "Cisco: Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-snort-tfo-bypass-mmzzrtes" }, { "title": "Debian CVElist Bug Report Logs: snort: CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1773b4dd82d4d83f1431e21300c33475" }, { "title": "Debian Security Advisories: DSA-5354-1 snort -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=6ecec49445da07dca8fb53a5a107855c" }, { "title": "threat-generator", "trust": 0.1, "url": "https://github.com/kernelr0p/threat-generator " }, { "title": "", "trust": 0.1, "url": "https://github.com/live-hack-cve/cve-2021-1224 " } ], "sources": [ { "db": "VULMON", "id": "CVE-2021-1224" }, { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 }, { "problemtype": "Improper authority management (CWE-269) [NVD Evaluation ]", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "NVD", "id": "CVE-2021-1224" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-snort-tfo-bypass-mmzzrtes" }, { "trust": 1.8, "url": "https://www.debian.org/security/2023/dsa-5354" }, { "trust": 1.8, "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html" }, { "trust": 1.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1224" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/cisco-meraki-mx-privilege-escalation-via-snort-tfo-policy-bypass-34314" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.0833" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2023.1047" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2021.0138/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://github.com/kernelr0p/threat-generator" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-34749" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1495" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40114" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3299" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1223" }, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3315" }, { "trust": 0.1, "url": "https://security-tracker.debian.org/tracker/snort" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1236" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1494" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" } ], "sources": [ { "db": "VULHUB", "id": "VHN-374278" }, { "db": "VULMON", "id": "CVE-2021-1224" }, { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "PACKETSTORM", "id": "171060" }, { "db": "NVD", "id": "CVE-2021-1224" }, { "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-374278" }, { "db": "VULMON", "id": "CVE-2021-1224" }, { "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "db": "PACKETSTORM", "id": "171060" }, { "db": "NVD", "id": "CVE-2021-1224" }, { "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2021-01-13T00:00:00", "db": "VULHUB", "id": "VHN-374278" }, { "date": "2021-01-13T00:00:00", "db": "VULMON", "id": "CVE-2021-1224" }, { "date": "2021-09-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "date": "2023-02-20T16:53:59", "db": "PACKETSTORM", "id": "171060" }, { "date": "2021-01-13T22:15:20.410000", "db": "NVD", "id": "CVE-2021-1224" }, { "date": "2021-01-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-19T00:00:00", "db": "VULHUB", "id": "VHN-374278" }, { "date": "2023-02-19T00:00:00", "db": "VULMON", "id": "CVE-2021-1224" }, { "date": "2021-09-22T08:52:00", "db": "JVNDB", "id": "JVNDB-2021-002550" }, { "date": "2023-11-07T03:27:44.583000", "db": "NVD", "id": "CVE-2021-1224" }, { "date": "2023-02-21T00:00:00", "db": "CNNVD", "id": "CNNVD-202101-965" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "171060" }, { "db": "CNNVD", "id": "CNNVD-202101-965" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "plural \u00a0Cisco\u00a0 Product permission management vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2021-002550" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "other", "sources": [ { "db": "CNNVD", "id": "CNNVD-202101-965" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.