ID

VAR-202110-1352


CVE

CVE-2021-40116


TITLE

plural  Cisco  products and  Snort  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014297

DESCRIPTION

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable. plural Cisco products and Snort Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // VULHUB: VHN-401509 // VULMON: CVE-2021-40116

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:gteversion:7.0.0

Trust: 1.0

vendor:ciscomodel:firepower management centerscope:eqversion:3.1.0.1

Trust: 1.0

vendor:snortmodel:snortscope:ltversion:3.1.0.100

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.0.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.7.0.3

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.4.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.13

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.6.0

Trust: 1.0

vendor:snortmodel:snortscope:gteversion:3.0.0.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.7.0

Trust: 1.0

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower management centerscope: - version: -

Trust: 0.8

vendor:snortmodel:snortscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014297 // NVD: CVE-2021-40116

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-40116
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-40116
value: HIGH

Trust: 1.0

NVD: CVE-2021-40116
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202110-1965
value: HIGH

Trust: 0.6

VULHUB: VHN-401509
value: HIGH

Trust: 0.1

VULMON: CVE-2021-40116
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-40116
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-401509
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-40116
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2021-40116
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 1.0

NVD: CVE-2021-40116
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-401509 // VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965 // NVD: CVE-2021-40116 // NVD: CVE-2021-40116

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-241

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-014297 // NVD: CVE-2021-40116

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1965

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-1965

PATCH

title:Top Page Cisco Systems Cisco Security Advisoryurl:https://www.snort.org/

Trust: 0.8

title:Cisco Products Snort Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167516

Trust: 0.6

title:Cisco: Multiple Cisco Products Snort Rule Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-snort-dos-RywH7ezM

Trust: 0.1

sources: VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965

EXTERNAL IDS

db:NVDid:CVE-2021-40116

Trust: 3.4

db:JVNDBid:JVNDB-2021-014297

Trust: 0.8

db:CS-HELPid:SB2021102918

Trust: 0.6

db:AUSCERTid:ESB-2021.3600

Trust: 0.6

db:CNNVDid:CNNVD-202110-1965

Trust: 0.6

db:VULHUBid:VHN-401509

Trust: 0.1

db:VULMONid:CVE-2021-40116

Trust: 0.1

sources: VULHUB: VHN-401509 // VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965 // NVD: CVE-2021-40116

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-snort-dos-rywh7ezm

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-40116

Trust: 1.4

url:https://www.auscert.org.au/bulletins/esb-2021.3600

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021102918

Trust: 0.6

url:https://vigilance.fr/vulnerability/snort-denial-of-service-via-block-with-reset-36734

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-401509 // VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965 // NVD: CVE-2021-40116

SOURCES

db:VULHUBid:VHN-401509
db:VULMONid:CVE-2021-40116
db:JVNDBid:JVNDB-2021-014297
db:CNNVDid:CNNVD-202110-1965
db:NVDid:CVE-2021-40116

LAST UPDATE DATE

2024-08-14T12:09:01.328000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-401509date:2021-10-29T00:00:00
db:VULMONid:CVE-2021-40116date:2021-10-29T00:00:00
db:JVNDBid:JVNDB-2021-014297date:2022-10-12T07:17:00
db:CNNVDid:CNNVD-202110-1965date:2021-11-08T00:00:00
db:NVDid:CVE-2021-40116date:2023-11-07T03:38:28.713

SOURCES RELEASE DATE

db:VULHUBid:VHN-401509date:2021-10-27T00:00:00
db:VULMONid:CVE-2021-40116date:2021-10-27T00:00:00
db:JVNDBid:JVNDB-2021-014297date:2022-10-12T00:00:00
db:CNNVDid:CNNVD-202110-1965date:2021-10-27T00:00:00
db:NVDid:CVE-2021-40116date:2021-10-27T19:15:08.717