Details of VAR-202110-1353

ID

VAR-202110-1353

CVE

CVE-2021-40114

TITLE

plural Cisco products and Snort Vulnerability regarding lack of memory release after expiration in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014296

DESCRIPTION

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper memory resource management while the Snort detection engine is processing ICMP packets. An attacker could exploit this vulnerability by sending a series of ICMP packets through an affected device. A successful exploit could allow the attacker to exhaust resources on the affected device, causing the device to reload. plural Cisco products and Snort Contains a vulnerability regarding the lack of free memory after expiration.Service operation interruption (DoS) It may be in a state. For the stable distribution (bullseye), these problems have been fixed in version 2.9.20-0+deb11u1. We recommend that you upgrade your snort packages. For the detailed security status of snort please refer to its security tracker page at: https://security-tracker.debian.org/tracker/snort Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmPw/Y5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeQRrA/9EQ9kF1LT2fYUGFMyKeCQQFTB8tfIsyz2VUrGUtWlVDKsDVqfEMWa6Zwx rAaFnAPOBi1KNX1laencuphuiDIxLmvA0ShpHKo/R3vY4WXmNwJMjPWNr82oTw8j CEggyfj9i5V1EwZZi0B3L4WP1pCQcJRN6XVB3FJWZScyQFtRH0xO7l9acIV68lTs 9hGDDe2wn5ufHh0sXskZitgYoXfdHjjl3CzFxrmGGDq9KFr8rDIEUnZrm58DCRNL RkDmvxrEEsXGmzQlhT/2ea88aIXgNM4xnDztr3iV1v8JOMb6BwehrH43NgdDb5V8 6xBcHuXOLNI75mca1TQxwUd8PSNo3YK60IbDC2ztcUIIvl1xk8bDFyABb3gKvGoR izKFYej4hNeZb+0HWHsnO9vvP4t6LkKF/iIGNNVNmA9ZJA94ESCfItSozIITqRE2 sJQ43X9uQhX2p/dfeyNoOJDhie0RyZyg0rPxIDNonP1YJ8kTjMMHnRNqGn9MkVYK bNr1/sdLhH0TXvs5XoL9b9YjUPL67hDHL9bHLByOKNSxXrth+TcqFX+eg7Bztn1A vS4Sc2TWCuBa3jdrS9WJiy58aB1sTABRhN+tY4wVs+A9vIr1dKHn4wsB8axmpYDW cyzVbz9Q+fC+gXwDusZccBqfD7rByEFWXflBFI4PDXRrW+NPy8w\xdb5k -----END PGP SIGNATURE-----

Trust: 1.89

sources: NVD: CVE-2021-40114 // JVNDB: JVNDB-2021-014296 // VULHUB: VHN-401507 // VULMON: CVE-2021-40114 // PACKETSTORM: 171060

AFFECTED PRODUCTS

vendor:	cisco	model:	unified threat defense	scope:	lt	version:	17.4.2	Trust: 1.0
vendor:	cisco	model:	unified threat defense	scope:	lt	version:	16.12.6	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.14.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.16	Trust: 1.0
vendor:	cisco	model:	unified threat defense	scope:	gte	version:	17.3	Trust: 1.0
vendor:	snort	model:	snort	scope:	gte	version:	2.0.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.3	Trust: 1.0
vendor:	cisco	model:	unified threat defense	scope:	lt	version:	17.3.4a	Trust: 1.0
vendor:	cisco	model:	unified threat defense	scope:	gte	version:	17.4	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.7.0.2	Trust: 1.0
vendor:	snort	model:	snort	scope:	lt	version:	2.9.18	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.15	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	unified threat defense	scope:	gte	version:	16.12	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	firepower management center	scope:	eq	version:	2.9.17	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower management center	scope:	-	version:	-	Trust: 0.8
vendor:	snort	model:	snort	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-014296 // NVD: CVE-2021-40114

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-40114
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-40114
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-40114
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202110-1976
value:	HIGH
Trust: 0.6
VULHUB:	VHN-401507
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-40114
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-40114
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-401507
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-40114
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-40114
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.2
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2021-40114
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-401507 // VULMON: CVE-2021-40114 // JVNDB: JVNDB-2021-014296 // CNNVD: CNNVD-202110-1976 // NVD: CVE-2021-40114 // NVD: CVE-2021-40114

PROBLEMTYPE DATA

problemtype:	CWE-401	Trust: 1.1
problemtype:	CWE-770	Trust: 1.0
problemtype:	Lack of memory release after expiration (CWE-401) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-401507 // JVNDB: JVNDB-2021-014296 // NVD: CVE-2021-40114

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 171060 // CNNVD: CNNVD-202110-1976

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-1976

PATCH

title:	Top Page Cisco Systems Cisco Security Advisory	url:	https://www.snort.org/	Trust: 0.8
title:	Cisco Products Snort Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=168885	Trust: 0.6
title:	Cisco: Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-snort-dos-s2R7W9UU	Trust: 0.1
title:	Debian CVElist Bug Report Logs: snort: CVE-2020-3315 CVE-2021-1223 CVE-2021-1224 CVE-2021-1494 CVE-2021-1495 CVE-2021-34749 CVE-2021-40114	url:	https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=1773b4dd82d4d83f1431e21300c33475	Trust: 0.1
title:	Debian Security Advisories: DSA-5354-1 snort -- security update	url:	https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=6ecec49445da07dca8fb53a5a107855c	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2021-40114	Trust: 0.1

sources: VULMON: CVE-2021-40114 // JVNDB: JVNDB-2021-014296 // CNNVD: CNNVD-202110-1976

EXTERNAL IDS

db:	NVD	id:	CVE-2021-40114	Trust: 3.5
db:	JVNDB	id:	JVNDB-2021-014296	Trust: 0.8
db:	AUSCERT	id:	ESB-2021.3600	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.1047	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.0833	Trust: 0.6
db:	CS-HELP	id:	SB2021102917	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-1976	Trust: 0.6
db:	PACKETSTORM	id:	171060	Trust: 0.2
db:	VULHUB	id:	VHN-401507	Trust: 0.1
db:	VULMON	id:	CVE-2021-40114	Trust: 0.1

sources: VULHUB: VHN-401507 // VULMON: CVE-2021-40114 // JVNDB: JVNDB-2021-014296 // PACKETSTORM: 171060 // CNNVD: CNNVD-202110-1976 // NVD: CVE-2021-40114

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-snort-dos-s2r7w9uu	Trust: 2.5
url:	https://www.debian.org/security/2023/dsa-5354	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-40114	Trust: 1.5
url:	https://www.auscert.org.au/bulletins/esb-2021.3600	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021102917	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.0833	Trust: 0.6
url:	https://vigilance.fr/vulnerability/snort-memory-leak-via-icmp-traffic-36735	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.1047	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/401.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2021-40114	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34749	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1495	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3299	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1223	Trust: 0.1
url:	https://www.debian.org/security/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3315	Trust: 0.1
url:	https://security-tracker.debian.org/tracker/snort	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1236	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1494	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1224	Trust: 0.1
url:	https://www.debian.org/security/faq	Trust: 0.1

sources: VULHUB: VHN-401507 // VULMON: CVE-2021-40114 // JVNDB: JVNDB-2021-014296 // PACKETSTORM: 171060 // CNNVD: CNNVD-202110-1976 // NVD: CVE-2021-40114

CREDITS

Debian

Trust: 0.1

sources: PACKETSTORM: 171060

SOURCES

db:	VULHUB	id:	VHN-401507
db:	VULMON	id:	CVE-2021-40114
db:	JVNDB	id:	JVNDB-2021-014296
db:	PACKETSTORM	id:	171060
db:	CNNVD	id:	CNNVD-202110-1976
db:	NVD	id:	CVE-2021-40114

LAST UPDATE DATE

2024-08-14T12:51:26.077000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-401507	date:	2023-02-19T00:00:00
db:	VULMON	id:	CVE-2021-40114	date:	2023-02-19T00:00:00
db:	JVNDB	id:	JVNDB-2021-014296	date:	2022-10-12T07:17:00
db:	CNNVD	id:	CNNVD-202110-1976	date:	2023-02-21T00:00:00
db:	NVD	id:	CVE-2021-40114	date:	2023-11-07T03:38:28.330

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-401507	date:	2021-10-27T00:00:00
db:	VULMON	id:	CVE-2021-40114	date:	2021-10-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-014296	date:	2022-10-12T00:00:00
db:	PACKETSTORM	id:	171060	date:	2023-02-20T16:53:59
db:	CNNVD	id:	CNNVD-202110-1976	date:	2021-10-27T00:00:00
db:	NVD	id:	CVE-2021-40114	date:	2021-10-27T19:15:08.667