Details of VAR-202110-1354

ID

VAR-202110-1354

CVE

CVE-2021-34787

TITLE

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Vulnerability in handling exceptional conditions in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014290

DESCRIPTION

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts

Trust: 1.8

sources: NVD: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // VULHUB: VHN-395029 // VULMON: CVE-2021-34787

AFFECTED PRODUCTS

vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	7.0.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.15.0	Trust: 1.0
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.12.4.25	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.7.0.3	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.15.1.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.14.3.1	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.16.0	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.5	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.16.1.28	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance	scope:	lt	version:	9.8.4.40	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	009.012	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.13.0	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	009.009	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.9.0	Trust: 1.0
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	009.009	Trust: 1.0
vendor:	シスコシステムズ	model:	asa 5512-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco adaptive security appliance ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5505	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5525-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5545-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5585-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5515-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5580	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5555-x	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-014290 // NVD: CVE-2021-34787

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-34787
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-34787
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-34787
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202110-1967
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-395029
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-34787
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-34787
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-395029
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-34787
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
NVD:	CVE-2021-34787
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-395029 // VULMON: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967 // NVD: CVE-2021-34787 // NVD: CVE-2021-34787

PROBLEMTYPE DATA

problemtype:	CWE-755	Trust: 1.1
problemtype:	CWE-183	Trust: 1.0
problemtype:	Improper handling in exceptional conditions (CWE-755) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-395029 // JVNDB: JVNDB-2021-014290 // NVD: CVE-2021-34787

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1967

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-1967

PATCH

title:	cisco-sa-asaftd-rule-bypass-ejjOgQEY	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY	Trust: 0.8
title:	Cisco Firepower Threat Defense ( FTD )with Cisco Adaptive Security Appliances Software ( ASA Software ) Repair measures for security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167518	Trust: 0.6
title:	Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-rule-bypass-ejjOgQEY	Trust: 0.1
title:	Description Content Install Usage Automation Examples	url:	https://github.com/eeenvik1/scripts_for_YouTrack	Trust: 0.1

sources: VULMON: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967

EXTERNAL IDS

db:	NVD	id:	CVE-2021-34787	Trust: 3.4
db:	JVNDB	id:	JVNDB-2021-014290	Trust: 0.8
db:	CS-HELP	id:	SB2021102809	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3599	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-1967	Trust: 0.6
db:	VULHUB	id:	VHN-395029	Trust: 0.1
db:	VULMON	id:	CVE-2021-34787	Trust: 0.1

sources: VULHUB: VHN-395029 // VULMON: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967 // NVD: CVE-2021-34787

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-rule-bypass-ejjogqey	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34787	Trust: 1.4
url:	https://vigilance.fr/vulnerability/cisco-asa-egress-filtrering-bypass-via-idfw-36744	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3599	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021102809	Trust: 0.6

sources: VULHUB: VHN-395029 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967 // NVD: CVE-2021-34787

SOURCES

db:	VULHUB	id:	VHN-395029
db:	VULMON	id:	CVE-2021-34787
db:	JVNDB	id:	JVNDB-2021-014290
db:	CNNVD	id:	CNNVD-202110-1967
db:	NVD	id:	CVE-2021-34787

LAST UPDATE DATE

2024-08-14T13:23:14.401000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-395029	date:	2021-10-29T00:00:00
db:	VULMON	id:	CVE-2021-34787	date:	2023-11-07T00:00:00
db:	JVNDB	id:	JVNDB-2021-014290	date:	2022-10-12T07:17:00
db:	CNNVD	id:	CNNVD-202110-1967	date:	2021-11-08T00:00:00
db:	NVD	id:	CVE-2021-34787	date:	2023-11-07T03:36:25.047

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-395029	date:	2021-10-27T00:00:00
db:	VULMON	id:	CVE-2021-34787	date:	2021-10-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-014290	date:	2022-10-12T00:00:00
db:	CNNVD	id:	CNNVD-202110-1967	date:	2021-10-27T00:00:00
db:	NVD	id:	CVE-2021-34787	date:	2021-10-27T19:15:08.347