CVE-2021-1223

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*

History

26 Nov 2024, 16:09

Type Values Removed Values Added
CPE cpe:2.3:a:cisco:firepower_management_center:2.9.16:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:2.9.14.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:firepower_management_center:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*
First Time Cisco secure Firewall Management Center

21 Nov 2024, 05:43

Type Values Removed Values Added
References () https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html - () https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html -
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2 - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2 - Vendor Advisory
References () https://www.debian.org/security/2023/dsa-5354 - () https://www.debian.org/security/2023/dsa-5354 -

Information

Published : 2021-01-13 22:15

Updated : 2024-11-26 16:09


NVD link : CVE-2021-1223

Mitre link : CVE-2021-1223

CVE.ORG link : CVE-2021-1223


JSON object : View

Products Affected

cisco

  • csr_1000v
  • 1109-2p_integrated_services_router
  • 1100-8p_integrated_services_router
  • 4431_integrated_services_router
  • isa_3000
  • 4331_integrated_services_router
  • 4221_integrated_services_router
  • 4451-x_integrated_services_router
  • ios_xe
  • secure_firewall_management_center
  • firepower_threat_defense
  • 1111x-8p_integrated_services_router
  • 1100-4p_integrated_services_router
  • 1109-4p_integrated_services_router
  • 4351_integrated_services_router
  • 4321_integrated_services_router
  • 1101-4p_integrated_services_router
  • 4461_integrated_services_router

snort

  • snort
CWE
CWE-693

Protection Mechanism Failure

NVD-CWE-Other