ID

VAR-202110-1376


CVE

CVE-2021-34793


TITLE

Cisco Adaptive Security Appliance Software  and  Firepower Threat Defense Software  Improper enforcement of integrity of messages in transit over communication channels in

Trust: 0.8

sources: JVNDB: JVNDB-2021-014294

DESCRIPTION

A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption

Trust: 1.71

sources: NVD: CVE-2021-34793 // JVNDB: JVNDB-2021-014294 // VULHUB: VHN-395035

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.15.0

Trust: 1.0

vendor:ciscomodel:asa 5545-xscope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.7.0.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.16.2.3

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.14.3.9

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.15.1.17

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.16.0

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.4.0.13

Trust: 1.0

vendor:ciscomodel:asa 5585-xscope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:asa 5555-xscope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.5.0

Trust: 1.0

vendor:ciscomodel:asa 5515-xscope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:ltversion:9.12.4.29

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:ltversion:6.6.5

Trust: 1.0

vendor:ciscomodel:firepower threat defensescope:gteversion:6.7.0

Trust: 1.0

vendor:ciscomodel:asa 5580scope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliancescope:ltversion:9.8.4.40

Trust: 1.0

vendor:ciscomodel:asa 5525-xscope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.13.0

Trust: 1.0

vendor:ciscomodel:asa 5505scope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:ciscomodel:adaptive security appliance softwarescope:gteversion:9.9.0

Trust: 1.0

vendor:ciscomodel:asa 5512-xscope:eqversion:009.008\(004.025\)

Trust: 1.0

vendor:シスコシステムズmodel:asa 5512-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco adaptive security appliance ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5505scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5525-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5545-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5585-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco firepower threat defense ソフトウェアscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5515-xscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5580scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:asa 5555-xscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-014294 // NVD: CVE-2021-34793

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-34793
value: HIGH

Trust: 1.0

ykramarz@cisco.com: CVE-2021-34793
value: HIGH

Trust: 1.0

NVD: CVE-2021-34793
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202110-1922
value: HIGH

Trust: 0.6

VULHUB: VHN-395035
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-34793
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-395035
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-34793
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.1

Trust: 2.0

NVD: CVE-2021-34793
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-395035 // JVNDB: JVNDB-2021-014294 // CNNVD: CNNVD-202110-1922 // NVD: CVE-2021-34793 // NVD: CVE-2021-34793

PROBLEMTYPE DATA

problemtype:CWE-924

Trust: 1.0

problemtype:Improper enforcement of message integrity in transit over communication channels (CWE-924) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-014294 // NVD: CVE-2021-34793

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202110-1922

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202110-1922

PATCH

title:cisco-sa-asa-ftd-dos-JxYWMJyLurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL

Trust: 0.8

title:Cisco Firepower Threat Defense ( FTD )with Cisco Adaptive Security Appliances Software ( ASA Software ) Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=167473

Trust: 0.6

sources: JVNDB: JVNDB-2021-014294 // CNNVD: CNNVD-202110-1922

EXTERNAL IDS

db:NVDid:CVE-2021-34793

Trust: 3.3

db:JVNDBid:JVNDB-2021-014294

Trust: 0.8

db:AUSCERTid:ESB-2021.3582

Trust: 0.6

db:CS-HELPid:SB2021102803

Trust: 0.6

db:CNNVDid:CNNVD-202110-1922

Trust: 0.6

db:VULHUBid:VHN-395035

Trust: 0.1

sources: VULHUB: VHN-395035 // JVNDB: JVNDB-2021-014294 // CNNVD: CNNVD-202110-1922 // NVD: CVE-2021-34793

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-asa-ftd-dos-jxywmjyl

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-34793

Trust: 1.4

url:https://www.cybersecurity-help.cz/vdb/sb2021102803

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.3582

Trust: 0.6

url:https://vigilance.fr/vulnerability/cisco-asa-denial-of-service-via-transparent-mode-mac-tables-poisoning-36740

Trust: 0.6

sources: VULHUB: VHN-395035 // JVNDB: JVNDB-2021-014294 // CNNVD: CNNVD-202110-1922 // NVD: CVE-2021-34793

SOURCES

db:VULHUBid:VHN-395035
db:JVNDBid:JVNDB-2021-014294
db:CNNVDid:CNNVD-202110-1922
db:NVDid:CVE-2021-34793

LAST UPDATE DATE

2024-08-14T13:53:52.271000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-395035date:2021-10-29T00:00:00
db:JVNDBid:JVNDB-2021-014294date:2022-10-12T07:17:00
db:CNNVDid:CNNVD-202110-1922date:2021-11-02T00:00:00
db:NVDid:CVE-2021-34793date:2023-11-07T03:36:26.283

SOURCES RELEASE DATE

db:VULHUBid:VHN-395035date:2021-10-27T00:00:00
db:JVNDBid:JVNDB-2021-014294date:2022-10-12T00:00:00
db:CNNVDid:CNNVD-202110-1922date:2021-10-27T00:00:00
db:NVDid:CVE-2021-34793date:2021-10-27T19:15:08.563