Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-1223

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Published

2021-01-13T22:15:20.317

Last Modified

2024-11-26T16:09:02.407

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-693
Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	firepower_threat_defense	< 6.7.0	Yes
Application	cisco	secure_firewall_management_center	2.9.14.0	Yes
Application	cisco	secure_firewall_management_center	2.9.15	Yes
Application	cisco	secure_firewall_management_center	2.9.16	Yes
Operating System	cisco	ios_xe	< 17.4.1	Yes
Hardware	cisco	1100-4p_integrated_services_router	-	No
Hardware	cisco	1100-8p_integrated_services_router	-	No
Hardware	cisco	1101-4p_integrated_services_router	-	No
Hardware	cisco	1109-2p_integrated_services_router	-	No
Hardware	cisco	1109-4p_integrated_services_router	-	No
Hardware	cisco	1111x-8p_integrated_services_router	-	No
Hardware	cisco	4221_integrated_services_router	-	No
Hardware	cisco	4321_integrated_services_router	-	No
Hardware	cisco	4331_integrated_services_router	-	No
Hardware	cisco	4351_integrated_services_router	-	No
Hardware	cisco	4431_integrated_services_router	-	No
Hardware	cisco	4451-x_integrated_services_router	-	No
Hardware	cisco	4461_integrated_services_router	-	No
Hardware	cisco	csr_1000v	-	No
Hardware	cisco	isa_3000	-	No
Application	snort	snort	< 2.9.17	Yes

References

https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2 Vendor Advisory ([email protected])
https://www.debian.org/security/2023/dsa-5354 ([email protected])
https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html (af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2023/dsa-5354 (af854a3a-2127-422b-91ae-364da2661108)