ID

VAR-202110-1354


CVE

CVE-2021-34787


TITLE

Cisco Adaptive Security Appliance Software  and  Firepower Threat Defense Software  Vulnerability in handling exceptional conditions in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014290

DESCRIPTION

A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts

Trust: 1.8

sources: NVD: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // VULHUB: VHN-395029 // VULMON: CVE-2021-34787

AFFECTED PRODUCTS

vendor:ciscomodel:firepower threat defensescope:gteversion:7.0.0

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.15.0

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.4.25

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:7.0.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.7.0.3

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.15.1.17

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.14.3.1

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.13

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.16.0

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.16.1.28

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.7.0

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:adaptive security appliancescope:ltversion:9.8.4.40

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:009.012

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13.0

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:009.009

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9.0

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:009.009

Trust: 1.0

vendor:シスコシステムズmodel:asa 5512-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5505scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5525-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5545-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5585-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5515-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5580scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5555-xscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014290 // NVD: CVE-2021-34787

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34787
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2021-34787
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-34787
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202110-1967
value: MEDIUM

Trust: 0.6

VULHUB: VHN-395029
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-34787
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-34787
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-395029
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-34787
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2021-34787
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-395029 // VULMON: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967 // NVD: CVE-2021-34787 // NVD: CVE-2021-34787

PROBLEMTYPE DATA

problemtype:CWE-755

Trust: 1.1

problemtype:CWE-183

Trust: 1.0

problemtype:Improper handling in exceptional conditions (CWE-755) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-395029 // JVNDB: JVNDB-2021-014290 // NVD: CVE-2021-34787

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1967

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-1967

PATCH

title:cisco-sa-asaftd-rule-bypass-ejjOgQEYurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY

Trust: 0.8

title:Cisco Firepower Threat Defense ( FTD )with Cisco Adaptive Security Appliances Software ( ASA Software ) Repair measures for security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167518

Trust: 0.6

title:Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-rule-bypass-ejjOgQEY

Trust: 0.1

title:Description Content Install Usage Automation Examplesurl:https://github.com/eeenvik1/scripts_for_YouTrack

Trust: 0.1

sources: VULMON: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967

EXTERNAL IDS

db:NVDid:CVE-2021-34787

Trust: 3.4

db:JVNDBid:JVNDB-2021-014290

Trust: 0.8

db:CS-HELPid:SB2021102809

Trust: 0.6

db:AUSCERTid:ESB-2021.3599

Trust: 0.6

db:CNNVDid:CNNVD-202110-1967

Trust: 0.6

db:VULHUBid:VHN-395029

Trust: 0.1

db:VULMONid:CVE-2021-34787

Trust: 0.1

sources: VULHUB: VHN-395029 // VULMON: CVE-2021-34787 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967 // NVD: CVE-2021-34787

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-rule-bypass-ejjogqey

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-34787

Trust: 1.4

url:https://vigilance.fr/vulnerability/cisco-asa-egress-filtrering-bypass-via-idfw-36744

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3599

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021102809

Trust: 0.6

sources: VULHUB: VHN-395029 // JVNDB: JVNDB-2021-014290 // CNNVD: CNNVD-202110-1967 // NVD: CVE-2021-34787

SOURCES

db:VULHUBid:VHN-395029
db:VULMONid:CVE-2021-34787
db:JVNDBid:JVNDB-2021-014290
db:CNNVDid:CNNVD-202110-1967
db:NVDid:CVE-2021-34787

LAST UPDATE DATE

2024-08-14T13:23:14.401000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-395029date:2021-10-29T00:00:00
db:VULMONid:CVE-2021-34787date:2023-11-07T00:00:00
db:JVNDBid:JVNDB-2021-014290date:2022-10-12T07:17:00
db:CNNVDid:CNNVD-202110-1967date:2021-11-08T00:00:00
db:NVDid:CVE-2021-34787date:2023-11-07T03:36:25.047

SOURCES RELEASE DATE

db:VULHUBid:VHN-395029date:2021-10-27T00:00:00
db:VULMONid:CVE-2021-34787date:2021-10-27T00:00:00
db:JVNDBid:JVNDB-2021-014290date:2022-10-12T00:00:00
db:CNNVDid:CNNVD-202110-1967date:2021-10-27T00:00:00
db:NVDid:CVE-2021-34787date:2021-10-27T19:15:08.347