CVE-2021-34793

CWE-9244 documents4 sources

Severity

8.6HIGH

EPSS

0.1%

top 76.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Cisco Adaptive Security Appliance Software Cisco Firepower Threat Defense +9 more

Timeline

PublishedOct 27

Latest updateMay 24

Description

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP seg…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages12 packages

▶NVDcisco/adaptive_security_appliance_software9.9.0 — 9.12.4.29+3

▶CVEListV5cisco/cisco_adaptive_security_appliance_(asa)_softwaren/a

▶NVDcisco/firepower_threat_defense6.5.0 — 6.6.5+2

▶NVDcisco/adaptive_security_appliance< 9.8.4.40

▶NVDcisco/asa_5505_firmware009.008\(004.025\)

🔴Vulnerability Details

GHSA

GHSA-jjpm-mxjp-g6mw: A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in tra↗2022-05-24

▶

CVEList

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability↗2021-10-27

▶

📋Vendor Advisories

Cisco

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability↗2021-10-27

▶