ID

VAR-202108-0824


CVE

CVE-2021-34749


TITLE

Information leakage vulnerability in multiple Cisco products

Trust: 0.8

sources: JVNDB: JVNDB-2021-010837

DESCRIPTION

A vulnerability in Server Name Identification (SNI) request filtering of Cisco Web Security Appliance (WSA), Cisco Firepower Threat Defense (FTD), and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised host. This vulnerability is due to inadequate filtering of the SSL handshake. An attacker could exploit this vulnerability by using data from the SSL client hello packet to communicate with an external server. A successful exploit could allow the attacker to execute a command-and-control attack on a compromised host and perform additional data exfiltration attacks. Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. Cisco Web Security Appliance is a web security appliance. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy formulation. For the stable distribution (bullseye), these problems have been fixed in version 2.9.20-0+deb11u1. We recommend that you upgrade your snort packages. 
For the detailed security status of snort please refer to its security tracker page at: https://security-tracker.debian.org/tracker/snort Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org

Trust: 1.89

sources: NVD: CVE-2021-34749 // JVNDB: JVNDB-2021-010837 // VULHUB: VHN-394991 // VULMON: CVE-2021-34749 // PACKETSTORM: 171060

AFFECTED PRODUCTS

vendor: cisco, model: firepower management center virtual appliance, scope: eq, version: 6.6.0

Trust: 1.0

vendor: cisco, model: secure firewall management center, scope: eq, version: 2.9.18

Trust: 1.0

vendor: cisco, model: firepower management center virtual appliance, scope: eq, version: 6.7.0

Trust: 1.0

vendor: cisco, model: firepower management center virtual appliance, scope: eq, version: 7.1.0

Trust: 1.0

vendor: cisco, model: ironport web security appliance, scope: eq, version: 14.5

Trust: 1.0

vendor: cisco, model: firepower management center virtual appliance, scope: eq, version: 7.0.0

Trust: 1.0

vendor: Cisco Systems, model: cisco firepower management center virtual appliance, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco ironport web security appliance, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower management center, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-010837 // NVD: CVE-2021-34749

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34749
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-34749
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-34749
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202108-1648
value: HIGH

Trust: 0.6

VULHUB: VHN-394991
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-34749
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-34749
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-394991
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-34749
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2021-34749
baseSeverity: MEDIUM
baseScore: 5.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

NVD: CVE-2021-34749
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-394991 // VULMON: CVE-2021-34749 // JVNDB: JVNDB-2021-010837 // CNNVD: CNNVD-202108-1648 // NVD: CVE-2021-34749 // NVD: CVE-2021-34749

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.1

problemtype:information leak (CWE-200) [NVD evaluation]

Trust: 0.8

sources: VULHUB: VHN-394991 // JVNDB: JVNDB-2021-010837 // NVD: CVE-2021-34749

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 171060 // CNNVD: CNNVD-202108-1648

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-202108-1648

PATCH

title: cisco-sa-sni-data-exfil-mFgzXqLN, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sni-data-exfil-mFgzXqLN

Trust: 0.8

title: Cisco Repair measures for information disclosure vulnerabilities of various products, url: http://123.124.177.30/web/xxk/bdxqById.tag?id=160754

Trust: 0.6

title: Cisco: Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability, url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sni-data-exfil-mFgzXqLN

Trust: 0.1

title: Debian CVElist Bug Report Logs: snort: CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114, url: https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1773b4dd82d4d83f1431e21300c33475

Trust: 0.1

title: Debian Security Advisories: DSA-5354-1 snort -- security update, url: https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=6ecec49445da07dca8fb53a5a107855c

Trust: 0.1

title: -, url: https://github.com/Live-Hack-CVE/CVE-2021-34749

Trust: 0.1

sources: VULMON: CVE-2021-34749 // JVNDB: JVNDB-2021-010837 // CNNVD: CNNVD-202108-1648

EXTERNAL IDS

db: NVD, id: CVE-2021-34749

Trust: 3.5

db: JVNDB, id: JVNDB-2021-010837

Trust: 0.8

db: CNNVD, id: CNNVD-202108-1648

Trust: 0.7

db: AUSCERT, id: ESB-2023.1047

Trust: 0.6

db: AUSCERT, id: ESB-2023.0833

Trust: 0.6

db: PACKETSTORM, id: 171060

Trust: 0.2

db: VULHUB, id: VHN-394991

Trust: 0.1

db: VULMON, id: CVE-2021-34749

Trust: 0.1

sources: VULHUB: VHN-394991 // VULMON: CVE-2021-34749 // JVNDB: JVNDB-2021-010837 // PACKETSTORM: 171060 // CNNVD: CNNVD-202108-1648 // NVD: CVE-2021-34749

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sni-data-exfil-mfgzxqln

Trust: 2.5

url:https://www.debian.org/security/2023/dsa-5354

Trust: 1.8

url:https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-34749

Trust: 0.9

url:https://www.auscert.org.au/bulletins/esb-2023.0833

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2023.1047

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-wsa-snort-data-transit-via-ssl-handshake-sni-36153

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/200.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2021-34749

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1495

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-40114

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3299

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1223

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-3315

Trust: 0.1

url:https://security-tracker.debian.org/tracker/snort

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1236

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1494

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1224

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

sources: VULHUB: VHN-394991 // VULMON: CVE-2021-34749 // JVNDB: JVNDB-2021-010837 // PACKETSTORM: 171060 // CNNVD: CNNVD-202108-1648 // NVD: CVE-2021-34749

CREDITS

Debian

Trust: 0.1

sources: PACKETSTORM: 171060

SOURCES

db: VULHUB, id: VHN-394991
db: VULMON, id: CVE-2021-34749
db: JVNDB, id: JVNDB-2021-010837
db: PACKETSTORM, id: 171060
db: CNNVD, id: CNNVD-202108-1648
db: NVD, id: CVE-2021-34749

LAST UPDATE DATE

2024-11-27T20:25:23.979000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-394991, date: 2023-02-19T00:00:00
db: VULMON, id: CVE-2021-34749, date: 2023-02-19T00:00:00
db: JVNDB, id: JVNDB-2021-010837, date: 2022-07-08T07:49:00
db: CNNVD, id: CNNVD-202108-1648, date: 2023-02-21T00:00:00
db: NVD, id: CVE-2021-34749, date: 2024-11-26T16:09:02.407

SOURCES RELEASE DATE

db: VULHUB, id: VHN-394991, date: 2021-08-18T00:00:00
db: VULMON, id: CVE-2021-34749, date: 2021-08-18T00:00:00
db: JVNDB, id: JVNDB-2021-010837, date: 2022-07-08T00:00:00
db: PACKETSTORM, id: 171060, date: 2023-02-20T16:53:59
db: CNNVD, id: CNNVD-202108-1648, date: 2021-08-18T00:00:00
db: NVD, id: CVE-2021-34749, date: 2021-08-18T20:15:07.930