Details of VAR-202110-1352

ID

VAR-202110-1352

CVE

CVE-2021-40116

TITLE

plural Cisco products and Snort Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014297

DESCRIPTION

Multiple Cisco products are affected by a vulnerability in Snort rules that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.The vulnerability is due to improper handling of the Block with Reset or Interactive Block with Reset actions if a rule is configured without proper constraints. An attacker could exploit this vulnerability by sending a crafted IP packet to the affected device. A successful exploit could allow the attacker to cause through traffic to be dropped. Note: Only products with Snort3 configured and either a rule with Block with Reset or Interactive Block with Reset actions configured are vulnerable. Products configured with Snort2 are not vulnerable. plural Cisco products and Snort Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // VULHUB: VHN-401509 // VULMON: CVE-2021-40116

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	3.1.0.1	Trust: 1.0
vendor:	snort	model:	snort	scope:	lt	version:	3.1.0.100	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.5.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.13	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.6.0	Trust: 1.0
vendor:	snort	model:	snort	scope:	gte	version:	3.0.0.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	snort	model:	snort	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-014297 // NVD: CVE-2021-40116

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-40116
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-40116
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-40116
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202110-1965
value:	HIGH
Trust: 0.6
VULHUB:	VHN-401509
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-40116
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-40116
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-401509
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-40116
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-40116
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2021-40116
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-401509 // VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965 // NVD: CVE-2021-40116 // NVD: CVE-2021-40116

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-241	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-014297 // NVD: CVE-2021-40116

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1965

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-1965

PATCH

title:	Top Page Cisco Systems Cisco Security Advisory	url:	https://www.snort.org/	Trust: 0.8
title:	Cisco Products Snort Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167516	Trust: 0.6
title:	Cisco: Multiple Cisco Products Snort Rule Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-snort-dos-RywH7ezM	Trust: 0.1

sources: VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965

EXTERNAL IDS

db:	NVD	id:	CVE-2021-40116	Trust: 3.4
db:	JVNDB	id:	JVNDB-2021-014297	Trust: 0.8
db:	CS-HELP	id:	SB2021102918	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3600	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-1965	Trust: 0.6
db:	VULHUB	id:	VHN-401509	Trust: 0.1
db:	VULMON	id:	CVE-2021-40116	Trust: 0.1

sources: VULHUB: VHN-401509 // VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965 // NVD: CVE-2021-40116

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-snort-dos-rywh7ezm	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40116	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2021.3600	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021102918	Trust: 0.6
url:	https://vigilance.fr/vulnerability/snort-denial-of-service-via-block-with-reset-36734	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-401509 // VULMON: CVE-2021-40116 // JVNDB: JVNDB-2021-014297 // CNNVD: CNNVD-202110-1965 // NVD: CVE-2021-40116

SOURCES

db:	VULHUB	id:	VHN-401509
db:	VULMON	id:	CVE-2021-40116
db:	JVNDB	id:	JVNDB-2021-014297
db:	CNNVD	id:	CNNVD-202110-1965
db:	NVD	id:	CVE-2021-40116

LAST UPDATE DATE

2024-08-14T12:09:01.328000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-401509	date:	2021-10-29T00:00:00
db:	VULMON	id:	CVE-2021-40116	date:	2021-10-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-014297	date:	2022-10-12T07:17:00
db:	CNNVD	id:	CNNVD-202110-1965	date:	2021-11-08T00:00:00
db:	NVD	id:	CVE-2021-40116	date:	2023-11-07T03:38:28.713

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-401509	date:	2021-10-27T00:00:00
db:	VULMON	id:	CVE-2021-40116	date:	2021-10-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-014297	date:	2022-10-12T00:00:00
db:	CNNVD	id:	CNNVD-202110-1965	date:	2021-10-27T00:00:00
db:	NVD	id:	CVE-2021-40116	date:	2021-10-27T19:15:08.717