ID

VAR-202110-1375


CVE

CVE-2021-34794


TITLE

Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014295

DESCRIPTION

A vulnerability in the Simple Network Management Protocol version 3 (SNMPv3) access control functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to query SNMP data. This vulnerability is due to ineffective access control. An attacker could exploit this vulnerability by sending an SNMPv3 query to an affected device from a host that is not permitted by the SNMPv3 access control list. A successful exploit could allow the attacker to send an SNMP query to an affected device and retrieve information from the device. The attacker would need valid credentials to perform the SNMP query.

Trust: 1.8

sources: NVD: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // VULHUB: VHN-395036 // VULMON: CVE-2021-34794

AFFECTED PRODUCTS

vendor: cisco, model: asa 5555-x, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.15.0

Trust: 1.0

vendor: cisco, model: asa 5525-x, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.7.0.1

Trust: 1.0

vendor: cisco, model: asa 5505, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: asa 5585-x, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: asa 5505, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: asa 5515-x, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: asa 5512-x, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.4.0

Trust: 1.0

vendor: cisco, model: asa 5512-x, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.4.0.13

Trust: 1.0

vendor: cisco, model: asa 5545-x, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: asa 5545-x, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: asa 5580, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.5.0

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: lt, version: 6.6.5

Trust: 1.0

vendor: cisco, model: asa 5585-x, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: asa 5525-x, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: asa 5585-x, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: firepower threat defense, scope: gte, version: 6.7.0

Trust: 1.0

vendor: cisco, model: asa 5555-x, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: asa 5555-x, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: asa 5515-x, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: asa 5515-x, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: asa 5505, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.14.2.4

Trust: 1.0

vendor: cisco, model: asa 5580, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: asa 5512-x, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: lt, version: 9.15.1.7

Trust: 1.0

vendor: cisco, model: asa 5525-x, scope: eq, version: 009.014\(001\)

Trust: 1.0

vendor: cisco, model: asa 5580, scope: eq, version: 099.016\(001.216\)

Trust: 1.0

vendor: cisco, model: asa 5545-x, scope: eq, version: 099.015\(001.033\)

Trust: 1.0

vendor: cisco, model: adaptive security appliance software, scope: gte, version: 9.14.0

Trust: 1.0

vendor: Cisco Systems, model: asa 5512-x, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco adaptive security appliance software, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5505, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5525-x, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5545-x, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5585-x, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: cisco firepower threat defense software, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5515-x, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5580, scope: -, version: -

Trust: 0.8

vendor: Cisco Systems, model: asa 5555-x, scope: -, version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014295 // NVD: CVE-2021-34794

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34794
value: MEDIUM

Trust: 1.0

ykramarz@cisco.com: CVE-2021-34794
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-34794
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202110-1964
value: MEDIUM

Trust: 0.6

VULHUB: VHN-395036
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-34794
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-34794
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-395036
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-34794
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 2.0

NVD: CVE-2021-34794
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-395036 // VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964 // NVD: CVE-2021-34794 // NVD: CVE-2021-34794

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-284

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation]

Trust: 0.8

sources: JVNDB: JVNDB-2021-014295 // NVD: CVE-2021-34794

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1964

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-202110-1964

PATCH

title: cisco-sa-asaftd-snmpaccess-M6yOweq3, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-snmpaccess-M6yOweq3

Trust: 0.8

title: Cisco Firepower Threat Defense and Cisco Adaptive Security Appliances Software Fixes for access control error vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=168884

Trust: 0.6

title: Cisco: Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability, url: https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-asaftd-snmpaccess-M6yOweq3

Trust: 0.1

sources: VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964

EXTERNAL IDS

db: NVD, id: CVE-2021-34794

Trust: 3.4

db: JVNDB, id: JVNDB-2021-014295

Trust: 0.8

db: CS-HELP, id: SB2021102901

Trust: 0.6

db: AUSCERT, id: ESB-2021.3599

Trust: 0.6

db: CNNVD, id: CNNVD-202110-1964

Trust: 0.6

db: VULHUB, id: VHN-395036

Trust: 0.1

db: VULMON, id: CVE-2021-34794

Trust: 0.1

sources: VULHUB: VHN-395036 // VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964 // NVD: CVE-2021-34794

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asaftd-snmpaccess-m6yoweq3

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-34794

Trust: 1.4

url:https://www.cybersecurity-help.cz/vdb/sb2021102901

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3599

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-information-disclosure-via-snmp-access-36743

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-395036 // VULMON: CVE-2021-34794 // JVNDB: JVNDB-2021-014295 // CNNVD: CNNVD-202110-1964 // NVD: CVE-2021-34794

SOURCES

db: VULHUB, id: VHN-395036
db: VULMON, id: CVE-2021-34794
db: JVNDB, id: JVNDB-2021-014295
db: CNNVD, id: CNNVD-202110-1964
db: NVD, id: CVE-2021-34794

LAST UPDATE DATE

2024-08-14T13:23:14.285000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-395036, date: 2021-10-29T00:00:00
db: VULMON, id: CVE-2021-34794, date: 2021-10-29T00:00:00
db: JVNDB, id: JVNDB-2021-014295, date: 2022-10-12T07:17:00
db: CNNVD, id: CNNVD-202110-1964, date: 2021-11-08T00:00:00
db: NVD, id: CVE-2021-34794, date: 2023-11-07T03:36:26.490

SOURCES RELEASE DATE

db: VULHUB, id: VHN-395036, date: 2021-10-27T00:00:00
db: VULMON, id: CVE-2021-34794, date: 2021-10-27T00:00:00
db: JVNDB, id: JVNDB-2021-014295, date: 2022-10-12T00:00:00
db: CNNVD, id: CNNVD-202110-1964, date: 2021-10-27T00:00:00
db: NVD, id: CVE-2021-34794, date: 2021-10-27T19:15:08.613