Details of VAR-202110-1375

ID

VAR-202110-1375

CVE

CVE-2021-34794

TITLE

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014295

DESCRIPTION

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query

Trust: 1.8

sources: NVD: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // VULHUB: VHN-395036 // VULMON: CVE-2021-34794

AFFECTED PRODUCTS

vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.15.0	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.7.0.1	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.4.0	Trust: 1.0
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.4.0.13	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.5.0	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	lt	version:	6.6.5	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	asa 5585-x	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	firepower threat defense	scope:	gte	version:	6.7.0	Trust: 1.0
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	asa 5555-x	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	asa 5515-x	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	asa 5505	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.14.2.4	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	asa 5512-x	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.15.1.7	Trust: 1.0
vendor:	cisco	model:	asa 5525-x	scope:	eq	version:	009.014\(001\)	Trust: 1.0
vendor:	cisco	model:	asa 5580	scope:	eq	version:	099.016\(001.216\)	Trust: 1.0
vendor:	cisco	model:	asa 5545-x	scope:	eq	version:	099.015\(001.033\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	gte	version:	9.14.0	Trust: 1.0
vendor:	シスコシステムズ	model:	asa 5512-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco adaptive security appliance ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5505	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5525-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5545-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5585-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco firepower threat defense ソフトウェア	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5515-x	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5580	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	asa 5555-x	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-014295 // NVD: CVE-2021-34794

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-34794
value:	MEDIUM
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-34794
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-34794
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202110-1964
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-395036
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-34794
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-34794
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-395036
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-34794
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 2.0
NVD:	CVE-2021-34794
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-395036 // VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964 // NVD: CVE-2021-34794 // NVD: CVE-2021-34794

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-284	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-014295 // NVD: CVE-2021-34794

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1964

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202110-1964

PATCH

title:	cisco-sa-asaftd-snmpaccess-M6yOweq3	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3	Trust: 0.8
title:	Cisco Firepower Threat Defense and Cisco Adaptive Security Appliances Software Fixes for access control error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168884	Trust: 0.6
title:	Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-snmpaccess-M6yOweq3	Trust: 0.1

sources: VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964

EXTERNAL IDS

db:	NVD	id:	CVE-2021-34794	Trust: 3.4
db:	JVNDB	id:	JVNDB-2021-014295	Trust: 0.8
db:	CS-HELP	id:	SB2021102901	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.3599	Trust: 0.6
db:	CNNVD	id:	CNNVD-202110-1964	Trust: 0.6
db:	VULHUB	id:	VHN-395036	Trust: 0.1
db:	VULMON	id:	CVE-2021-34794	Trust: 0.1

sources: VULHUB: VHN-395036 // VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964 // NVD: CVE-2021-34794

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-snmpaccess-m6yoweq3	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-34794	Trust: 1.4
url:	https://www.cybersecurity-help.cz/vdb/sb2021102901	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.3599	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-asa-information-disclosure-via-snmp-access-36743	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-395036 // VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964 // NVD: CVE-2021-34794

SOURCES

db:	VULHUB	id:	VHN-395036
db:	VULMON	id:	CVE-2021-34794
db:	JVNDB	id:	JVNDB-2021-014295
db:	CNNVD	id:	CNNVD-202110-1964
db:	NVD	id:	CVE-2021-34794

LAST UPDATE DATE

2024-08-14T13:23:14.285000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-395036	date:	2021-10-29T00:00:00
db:	VULMON	id:	CVE-2021-34794	date:	2021-10-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-014295	date:	2022-10-12T07:17:00
db:	CNNVD	id:	CNNVD-202110-1964	date:	2021-11-08T00:00:00
db:	NVD	id:	CVE-2021-34794	date:	2023-11-07T03:36:26.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-395036	date:	2021-10-27T00:00:00
db:	VULMON	id:	CVE-2021-34794	date:	2021-10-27T00:00:00
db:	JVNDB	id:	JVNDB-2021-014295	date:	2022-10-12T00:00:00
db:	CNNVD	id:	CNNVD-202110-1964	date:	2021-10-27T00:00:00
db:	NVD	id:	CVE-2021-34794	date:	2021-10-27T19:15:08.613