Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-1223

Опубликовано: 13 янв. 2021
Источник: nvd
CVSS3: 5.8
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*
Версия до 6.7.0 (исключая)
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.14.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.15:*:*:*:*:*:*:*
cpe:2.3:a:cisco:secure_firewall_management_center:2.9.16:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
Версия до 17.4.1 (исключая)

Одно из

cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:csr_1000v:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:isa_3000:-:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:snort:snort:*:*:*:*:*:*:*:*
Версия до 2.9.17 (исключая)

EPSS

Процентиль: 67%
0.00561
Низкий

5.8 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-693
NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2021-1223

CVSS3: 7.5
ubuntu
больше 4 лет назад

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

debian логотип

CVE-2021-1223

CVSS3: 7.5
debian
больше 4 лет назад

Multiple Cisco products are affected by a vulnerability in the Snort d ...

github логотип

GHSA-xx67-mj7c-3wvg

CVSS3: 7.5
github
около 3 лет назад

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

fstec логотип

BDU:2021-00473

CVSS3: 5.8
fstec
больше 4 лет назад

Уязвимость системы обнаружения вторжений Snort, связанная с ошибками обработки HTTP-заголовков, позволяющая нарушителю обойти настроенную файловую политику для HTTP

EPSS

Процентиль: 67%
0.00561
Низкий

5.8 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-693
NVD-CWE-Other